Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-938-1
HistoryMay 13, 2010 - 12:00 a.m.

KDENetwork vulnerabilities

2010-05-1300:00:00
ubuntu.com
41

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

10 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Releases

  • Ubuntu 10.04
  • Ubuntu 9.10
  • Ubuntu 9.04

Packages

  • kdenetwork -

Details

It was discovered that KGet did not properly perform input validation when
processing metalink files. If a user were tricked into opening a crafted
metalink file, a remote attacker could overwrite files via directory
traversal, which could eventually lead to arbitrary code execution.
(CVE-2010-1000)

It was discovered that KGet would not always wait for user confirmation
when downloading metalink files. If a user selected a file to download
but did not confirm or cancel the download, KGet would proceed with the
download, overwriting any file with the same name. This issue only
affected Ubuntu 10.04 LTS. (CVE-2010-1511)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchkget< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkde-zeroconf< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkdenetwork-dbg< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkdenetwork-filesharing< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkopete< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkppp< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkrdc< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchkrfb< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchlibkopete-dev< 4:4.3.2-0ubuntu4.1UNKNOWN
Ubuntu9.10noarchlibkopete4< 4:4.3.2-0ubuntu4.1UNKNOWN
Rows per page:
1-10 of 291

Related

nessus 12
openvas 101
fedora 69
securityvulns 4
ubuntucve 2
cvelist 3
cve 2
prion 3
nvd 2
oraclelinux 1
nessus
nessus
Mandriva Linux Security Advisory : kdenetwork4 (MDVSA-2010:098)
2010-05-19 00:00:00
Ubuntu 9.04 / 9.10 / 10.04 LTS : kdenetwork vulnerabilities (USN-938-1)
2010-05-14 00:00:00
Fedora 12 : kdenetwork-4.4.5-4.fc12 (2010-18029)
2010-12-01 00:00:00
openvas
openvas
Fedora Update for kdegraphics FEDORA-2010-8544
2010-05-28 00:00:00
Fedora Update for kdegraphics FEDORA-2010-8547
2010-05-28 00:00:00
Fedora Update for kde-l10n FEDORA-2010-8544
2010-05-28 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: kdebindings-4.4.3-1.fc13.1
2010-05-26 21:42:53
[SECURITY] Fedora 13 Update: kdepim-4.4.3-1.fc13.1
2010-05-26 21:42:53
[SECURITY] Fedora 13 Update: kdepimlibs-4.4.3-1.fc13.1
2010-05-26 21:42:53
securityvulns
securityvulns
KDE KGet files overwrite
2010-05-14 00:00:00
Secunia Research: KDE KGet Insecure File Operation Vulnerability
2010-05-14 00:00:00
[USN-938-1] KDENetwork vulnerability
2010-05-14 00:00:00
ubuntucve
ubuntucve
CVE-2010-1511
2010-05-14 00:00:00
CVE-2010-1000
2010-05-12 00:00:00
cvelist
cvelist
CVE-2010-1511
2010-05-17 20:42:00
CVE-2010-1000
2010-05-17 20:42:00
CVE-2011-1586
2011-04-27 00:00:00
cve
cve
CVE-2010-1511
2010-05-17 21:00:01
CVE-2010-1000
2010-05-17 21:00:01
prion
prion
Cross site request forgery (csrf)
2010-05-17 21:00:00
Directory traversal
2010-05-17 21:00:00
Directory traversal
2011-04-27 00:55:00
nvd
nvd
CVE-2010-1511
2010-05-17 21:00:01
CVE-2010-1000
2010-05-17 21:00:01
oraclelinux
oraclelinux
kdenetwork security update
2011-04-21 00:00:00

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

10 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON
Related for USN-938-1
nessus12openvas101fedora69securityvulns4ubuntucve2cvelist3cve2prion3nvd2oraclelinux1