Lucene search
RedHatRHSA-2006:0548HistoryJun 14, 2006 - 12:00 a.m.
(RHSA-2006:0548) kdebase security update
2006-06-1400:00:00
access.redhat.com
7
0.001 Low
EPSS
Percentile
26.5%
The kdebase packages provide the core applications for KDE, the K Desktop
Environment. These core packages include the KDE Display Manager (KDM).
Ludwig Nussel discovered a flaw in KDM. A malicious local KDM user could
use a symlink attack to read an arbitrary file that they would not normally
have permissions to read. (CVE-2006-2449)
Note: this issue does not affect the version of KDM as shipped with Red Hat
Enterprise Linux 2.1 or 3.
All users of KDM should upgrade to these updated packages which contain a
backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ia64 | kdebase-devel | < 3.3.1-5.12 | kdebase-devel-3.3.1-5.12.ia64.rpm |
| RedHat | any | x86_64 | kdebase | < 3.3.1-5.12 | kdebase-3.3.1-5.12.x86_64.rpm |
| RedHat | any | s390 | kdebase | < 3.3.1-5.12 | kdebase-3.3.1-5.12.s390.rpm |
| RedHat | any | ppc64 | kdebase | < 3.3.1-5.12 | kdebase-3.3.1-5.12.ppc64.rpm |
| RedHat | any | ppc | kdebase-devel | < 3.3.1-5.12 | kdebase-devel-3.3.1-5.12.ppc.rpm |
| RedHat | any | ppc | kdebase | < 3.3.1-5.12 | kdebase-3.3.1-5.12.ppc.rpm |
| RedHat | any | i386 | kdebase | < 3.3.1-5.12 | kdebase-3.3.1-5.12.i386.rpm |
| RedHat | any | ia64 | kdebase | < 3.3.1-5.12 | kdebase-3.3.1-5.12.ia64.rpm |
| RedHat | any | s390x | kdebase-devel | < 3.3.1-5.12 | kdebase-devel-3.3.1-5.12.s390x.rpm |
| RedHat | any | s390 | kdebase-devel | < 3.3.1-5.12 | kdebase-devel-3.3.1-5.12.s390.rpm |
Related
nessus
nessus
CentOS 4 : kdebase (CESA-2006:0548)
2006-07-05 00:00:00
Slackware 10.0 / 10.1 / 10.2 / current : kdebase kdm local file reading vulnerability (SSA:2006-178-01)
2006-06-28 00:00:00
Mandrake Linux Security Advisory : kdebase (MDKSA-2006:105)
2006-06-16 00:00:00
centos
centos
kdebase security update
2006-06-15 11:14:13
slackware
slackware
SSA-2006-0628032502
2006-06-28 03:25:02
kdebase kdm local file reading vulnerability
2006-06-27 20:25:02
openvas
openvas
Debian: Security Advisory (DSA-1156)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200606-23 (kdebase, KDM)
2008-09-24 00:00:00
Debian Security Advisory DSA 1156-1 (kdebase)
2008-01-17 00:00:00
nvd
nvd
CVE-2006-2449
2006-06-15 10:02:00
cve
cve
CVE-2006-2449
2006-06-15 10:02:00
gentoo
gentoo
KDM: Symlink vulnerability
2006-06-22 00:00:00
securityvulns
securityvulns
[USN-301-1] kdm vulnerability
2006-06-15 00:00:00
prion
prion
Sql injection
2006-06-15 10:02:00
debian
debian
[SECURITY] [DSA 1156-1] New kdebase packages fix information disclosure
2006-08-27 18:44:39
ubuntucve
ubuntucve
CVE-2006-2449
2006-06-15 00:00:00
suse
suse
local privilege escalation in kdebase3-kdm
2006-07-03 13:56:20
ubuntu
ubuntu
kdm vulnerability
2006-06-15 00:00:00
cvelist
cvelist
CVE-2006-2449
2006-06-15 10:00:00