Advisories

Mandriva Advisories

Package name	kdebase
Date	September 16th, 2003
Advisory ID	MDKSA-2003:091
Affected versions	9.0, 9.1, CS2.1
Synopsis	Updated kdebase packages fix vulnerabilities in KDM

Problem Description

A vulnerability was discovered in all versions of KDE 2.2.0 up to and
including 3.1.3. KDM does not check for successful completion of the
pam_setcred() call and in the case of error conditions in the installed
PAM modules, KDM may grant local root access to any user with valid
login credentials. It has been reported to the KDE team that a certain
configuration of the MIT pam_krb5 module can result in a failing
pam_setcred() call which leaves the session alive and would provide root
access to any regular user. It is also possible that this vulnerability
can likewise be exploited with other PAM modules in a similar manner.

Another vulnerability was discovered in kdm where the cookie session
generating algorithm was considered too weak to supply a full 128 bits
of entropy. This allowed unauthorized users to brute-force the session
cookie.

mdkkdm, a specialized version of kdm, is likewise vulnerable to these
problems and has been patched as well.

Updated Packages

Mandrakelinux 9.0

 b16612d8f4e68781cecaf9d32e12c50c  9.0/RPMS/kdebase-3.0.5a-1.4mdk.i586.rpm
a80f6c8029c536d59f92fcf7bcf1abd5  9.0/RPMS/kdebase-devel-3.0.5a-1.4mdk.i586.rpm
ae02c014e1994c25a1ee23a7eee8095c  9.0/RPMS/kdebase-nsplugins-3.0.5a-1.4mdk.i586.rpm
f9ebdbc69440ca1d11fcd5653f8173d6  9.0/SRPMS/kdebase-3.0.5a-1.4mdk.src.rpm

Mandrakelinux 9.1

 06423402c174ef11a64bd0ed44c4a624  9.1/RPMS/kdebase-3.1-83.5mdk.i586.rpm
bfa3c991495ec60d87858cd1563353ab  9.1/RPMS/kdebase-devel-3.1-83.5mdk.i586.rpm
cfef59c2e6d2c0faf7469ab2d036e091  9.1/RPMS/kdebase-kdm-3.1-83.5mdk.i586.rpm
ab122d6e7931a96d239e0aa6db401ffa  9.1/RPMS/kdebase-nsplugins-3.1-83.5mdk.i586.rpm
dbcedf83b6ed92afb8d30bdf54ec38d5  9.1/RPMS/mdkkdm-9.1-24.2mdk.i586.rpm
dc8f0c5f34088514900266eeaeff63bb  9.1/SRPMS/kdebase-3.1-83.5mdk.src.rpm
d5c82813906df0100a099e10a030672b  9.1/SRPMS/mdkkdm-9.1-24.2mdk.src.rpm

Mandrakelinux 9.1/PPC

 a34824fd162a8ce79258c4db2f2c2d56  ppc/9.1/RPMS/kdebase-3.1-83.5mdk.ppc.rpm
2f3bb4c00a78faa0792dd0353b6e09f2  ppc/9.1/RPMS/kdebase-devel-3.1-83.5mdk.ppc.rpm
818e187fcc9328683fd8e33044c43a78  ppc/9.1/RPMS/kdebase-kdm-3.1-83.5mdk.ppc.rpm
63a508bdfc7040697fd200c9f580204b  ppc/9.1/RPMS/kdebase-nsplugins-3.1-83.5mdk.ppc.rpm
499cd7d3f1e4cc7b1276c0f9eed1c0cf  ppc/9.1/RPMS/mdkkdm-9.1-24.2mdk.ppc.rpm
dc8f0c5f34088514900266eeaeff63bb  ppc/9.1/SRPMS/kdebase-3.1-83.5mdk.src.rpm
d5c82813906df0100a099e10a030672b  ppc/9.1/SRPMS/mdkkdm-9.1-24.2mdk.src.rpm

Corporate Server 2.1

 b16612d8f4e68781cecaf9d32e12c50c  corporate/2.1/RPMS/kdebase-3.0.5a-1.4mdk.i586.rpm
a80f6c8029c536d59f92fcf7bcf1abd5  corporate/2.1/RPMS/kdebase-devel-3.0.5a-1.4mdk.i586.rpm
ae02c014e1994c25a1ee23a7eee8095c  corporate/2.1/RPMS/kdebase-nsplugins-3.0.5a-1.4mdk.i586.rpm
f9ebdbc69440ca1d11fcd5653f8173d6  corporate/2.1/SRPMS/kdebase-3.0.5a-1.4mdk.src.rpm

Corporate Server 2.1/X86_64

 cf6fbbfee865b54584632655fa019ee3  x86_64/corporate/2.1/RPMS/kdebase-3.0.5-2.2mdk.x86_64.rpm
08867a45c5be3c48bbd4c93ced0b6ebb  x86_64/corporate/2.1/RPMS/kdebase-devel-3.0.5-2.2mdk.x86_64.rpm
cf53476849eb402be28d6a52ac86a218  x86_64/corporate/2.1/RPMS/kdebase-nsplugins-3.0.5-2.2mdk.x86_64.rpm
a1ee293f258c76a720310183f0c4dda4  x86_64/corporate/2.1/SRPMS/kdebase-3.0.5-2.2mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0692
http://www.kde.org/info/security/advisory-20030916-1.txt
http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer