|
|
>> Mandriva Security Update Fixes KDE Privilege Escalation Vulnerability
|
Title : Mandriva Security Update Fixes KDE Privilege Escalation Vulnerability
VUPEN ID : VUPEN/ADV-2008-1442
CVE ID : CVE-2008-1671
Rated as : Moderate Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2008-05-07
|
A vulnerability has been identified in Mandriva, which could be exploited by local attackers to bypass security restrictions and gain elevated privileges. This issue is caused by an error in kdelibs. For additional information, see : VUPEN/ADV-2008-1370
Affected Products
Mandriva Linux 2008.0
Mandriva Linux 2008.1
Solution
Upgrade the affected packages :
Mandriva Linux 2008.0:
6e9ec4d86831c1de8d97b1143e412094 2008.0/i586/kdelibs-common-3.5.7-43.8mdv2008.0.i586.rpm
13c4540bad80e97dea7d4f0ae0b85e48 2008.0/i586/kdelibs-devel-doc-3.5.7-43.8mdv2008.0.i586.rpm
e37ee088e281f3ac22aaa9a2cf967bff 2008.0/i586/libkdecore4-3.5.7-43.8mdv2008.0.i586.rpm
68de2c2c0c4aefaae88598329c4ae842 2008.0/i586/libkdecore4-devel-3.5.7-43.8mdv2008.0.i586.rpm
f88003b0ee66bf4bcb456b7352972507 2008.0/SRPMS/kdelibs-3.5.7-43.8mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
f22003b71a01cde99bbec436462d8b89 2008.0/x86_64/kdelibs-common-3.5.7-43.8mdv2008.0.x86_64.rpm
d22e1bbc15d300768f58c75d810bb799 2008.0/x86_64/kdelibs-devel-doc-3.5.7-43.8mdv2008.0.x86_64.rpm
d52a94a110cd8ccf0611f1c199f0ee91 2008.0/x86_64/lib64kdecore4-3.5.7-43.8mdv2008.0.x86_64.rpm
7fd7f380efa11735eb0b4a174f5c7ade 2008.0/x86_64/lib64kdecore4-devel-3.5.7-43.8mdv2008.0.x86_64.rpm
f88003b0ee66bf4bcb456b7352972507 2008.0/SRPMS/kdelibs-3.5.7-43.8mdv2008.0.src.rpm
Mandriva Linux 2008.1:
3fdded980feeb40749c9fbef31c8274d 2008.1/i586/kdelibs-common-3.5.9-10.1mdv2008.1.i586.rpm
c0bba005dbc4013ff8cbe933ff9e5584 2008.1/i586/kdelibs-devel-doc-3.5.9-10.1mdv2008.1.i586.rpm
8867c7c83437e532b632a3a8f578e39d 2008.1/i586/libkdecore4-3.5.9-10.1mdv2008.1.i586.rpm
eec45645cada33b83c4394cdfca05af8 2008.1/i586/libkdecore4-devel-3.5.9-10.1mdv2008.1.i586.rpm
5d6b90aaf30b609c801e6d41727be2a4 2008.1/SRPMS/kdelibs-3.5.9-10.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
880a8c5c0efe5688bbbcacda27866b32 2008.1/x86_64/kdelibs-common-3.5.9-10.1mdv2008.1.x86_64.rpm
e217bf386a48838736364332c9919639 2008.1/x86_64/kdelibs-devel-doc-3.5.9-10.1mdv2008.1.x86_64.rpm
cd18170a8fe9c90e577e2a322f6e6146 2008.1/x86_64/lib64kdecore4-3.5.9-10.1mdv2008.1.x86_64.rpm
c28603d515c0d86f5ac782541c5b24a9 2008.1/x86_64/lib64kdecore4-devel-3.5.9-10.1mdv2008.1.x86_64.rpm
5d6b90aaf30b609c801e6d41727be2a4 2008.1/SRPMS/kdelibs-3.5.9-10.1mdv2008.1.src.rpm
References
http://www.vupen.com/english/advisories/2008/1442
http://archives.mandrivalinux.com/security-announce/2008-05/msg00007.php
ChangeLog
2008-05-07 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
