[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-announce
Subject: [kde-announce] KDE Security Advisory: Multiple vulnerabilities in
From: Waldo Bastian <bastian () kde ! org>
Date: 2005-01-21 15:30:24
Message-ID: 200501211630.28520.bastian () kde ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
KDE Security Advisory: Multiple vulnerabilities in Konversation
Original Release Date: 20050121
URL: http://www.kde.org/info/security/advisory-20050121-1.txt
0. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0131
http://lists.netsys.com/pipermail/full-disclosure/2005-January/031033.html
1. Systems affected:
All Konversation versions up to and including 0.15
2. Overview:
Multiple vulnerabilities have been discovered in Konversation,
an IRC client for KDE.
A flaw in the expansion of %-escaped variables makes that %-escaped
variables in certain input strings will be inadvertently expanded
too. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-0129 to this issue.
Several perl scripts included with Konversation fail to properly
handle command line arguments causing a command line injection
vulnerability. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0130 to this issue.
Nick and password are confused in the quick connection dialog,
so connecting with that dialog and filling in a password, would
use that password as nick, and may inadvertently expose the
password to others. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0131 to this issue.
3. Impact:
A user might be tricked to join a channel with a specially crafted
channel name containing shell commands. If user runs a script in
that channel it will result in an arbitrary command execution.
If quick connect is used with a password, the password is used as
nickname instead. As a result the password may be exposed to others.
4. Solution:
Upgrade to Konversation 0.15.1 available from
http://download.berlios.de/konversation/konversation-0.15.1.tar.bz2
5. Patch:
A patch for Konversation 0.15 is available from
ftp://ftp.kde.org/pub/kde/security_patches
36f8b6beac18a9d173339388d13e2335 post-0.15-konversation.diff
6. Time line and credits:
18/01/2005 Konversation developers informed by Wouter Coekaerts
19/01/2005 Patches applied to KDE CVS.
19/01/2005 Konversation 0.15.1 released.
21/01/2005 KDE Security Advisory released.
[Attachment #5 (application/pgp-signature)]
_______________________________________________
kde-announce mailing list
kde-announce@kde.org
https://mail.kde.org/mailman/listinfo/kde-announce
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic