jdong
Eat A Beaver, Save A Tree.
Premium
join:2002-07-09
Rochester, MI
clubs:   | reply to Smokey Bear
Re: KDE 4.x Multiple Highly Critical Vulnerabilities
In fact, the proactives stack/heap protection capabilities of most distributions (OpenSUSE, Fedora/RHEL, Ubuntu) will stop this class of vulnerabilities.
--
Ubuntu MOTU Developer and Forums Council |
|
SUMware
Premium
join:2002-05-21 | reply to KodiacZiller
Agreed. It's pretty much a non-issue. |
|
KodiacZiller
join:2008-09-04
73368
1 edit | reply to SUMware
This appears to only be an issue if one is using a KHTML browser (a la Konqueror) which hardly anyone does, almost all Linux users use Firefox. And, as Sumware said, not running as root would stop this from compromising the entire system (and almost no one runs as root, especially on the *buntu's). Kubuntu has already pushed the fix for this. I was prompted to update earlier today.
This is one of the reasons I always create MAC profiles for my browser -- it's easy to do and makes bugs like this near impossible to execute. (Actually AppArmor is easy to do, SELinux not so much) 
And where is Matunga?  |
|
SUMware
Premium
join:2002-05-21 | reply to Smokey Bear
OK. Understand. Well, I guess that we've now accomplished that. LOL. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| reply to SUMware
said by SUMware  :And I posted additional information for members. I'd be happy to delete my post if you'd like, and its information, if you think that it will be of benefit to readers to do so. No need, your info regard also KDE vulnerabilities, but there was the need to clarify that your reply affect KDE 3.x users.
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
SUMware
Premium
join:2002-05-21 | reply to Smokey Bear
And I posted additional information for members.
I'd be happy to delete my post if you'd like, and its information, if you think that it will be of benefit to readers to do so. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub | reply to SUMware
I posted about KDE 4.x vulnerabilities... |
|
SUMware
Premium
join:2002-05-21
| reply to Smokey Bear
said by Smokey Bear :According to F-Secure, this regard KDE 3.x Yes. That's what they say. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
| reply to SUMware
According to F-Secure, this regard KDE 3.x
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
SUMware
Premium
join:2002-05-21
4 edits | reply to Smokey Bear
Linux distributions provide repository fixes and security updates for users.
More information:
»www.f-secure.com/vulnerabilities···00902981
PS - Don't run as root, then it's not an issue. |
|
Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
|  »secunia.com/advisories/35627/
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
Site Member ASAP - Alliance of Security Analysis Professionals |
|
