Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
|  KDE 4.x Multiple Highly Critical Vulnerabilities
»secunia.com/advisories/35627/
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
SUMware
Premium
join:2002-05-21
4 edits | Linux distributions provide repository fixes and security updates for users.
More information:
»www.f-secure.com/vulnerabilities···00902981
PS - Don't run as root, then it's not an issue.  |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| According to F-Secure, this regard KDE 3.x
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
SUMware
Premium
join:2002-05-21
| said by Smokey Bear  :According to F-Secure, this regard KDE 3.x Yes. That's what they say. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub | I posted about KDE 4.x vulnerabilities... |
|
SUMware
Premium
join:2002-05-21 | And I posted additional information for members.
I'd be happy to delete my post if you'd like, and its information, if you think that it will be of benefit to readers to do so. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| said by SUMware :And I posted additional information for members. I'd be happy to delete my post if you'd like, and its information, if you think that it will be of benefit to readers to do so. No need, your info regard also KDE vulnerabilities, but there was the need to clarify that your reply affect KDE 3.x users. 
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
SUMware
Premium
join:2002-05-21 | OK. Understand. Well, I guess that we've now accomplished that. LOL. |
|
KodiacZiller
join:2008-09-04
73368
1 edit | This appears to only be an issue if one is using a KHTML browser (a la Konqueror) which hardly anyone does, almost all Linux users use Firefox. And, as Sumware said, not running as root would stop this from compromising the entire system (and almost no one runs as root, especially on the *buntu's). Kubuntu has already pushed the fix for this. I was prompted to update earlier today.
This is one of the reasons I always create MAC profiles for my browser -- it's easy to do and makes bugs like this near impossible to execute. (Actually AppArmor is easy to do, SELinux not so much)
And where is Matunga? |
|
SUMware
Premium
join:2002-05-21 | Agreed. It's pretty much a non-issue. |
|
jdong
Eat A Beaver, Save A Tree.
Premium
join:2002-07-09
Rochester, MI
clubs:   | reply to Smokey Bear
In fact, the proactives stack/heap protection capabilities of most distributions (OpenSUSE, Fedora/RHEL, Ubuntu) will stop this class of vulnerabilities.
--
Ubuntu MOTU Developer and Forums Council |
|
