Vulnerabilities > CVE-2007-4224 - Link Following vulnerability in KDE Konqueror 3.5.7

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

kde

CWE-59

nessus

NVD

Published: 2007-08-08

Updated: 2024-11-21

Summary

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.

Vulnerable Configurations

Part	Description	Count
Application	Kde KDE Konqueror 3.5.7	1

Common Weakness Enumeration (CWE)

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Common Attack Pattern Enumeration and Classification (CAPEC)

Symlink Attack
An attacker positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name. The endpoint file may be either output or input. If the file is output, the result is that the endpoint is modified, instead of a file at the intended location. Modifications to the endpoint file may include appending, overwriting, corrupting, changing permissions, or other modifications. In some variants of this attack the attacker may be able to control the change to a file while in other cases they cannot. The former is especially damaging since the attacker may be able to grant themselves increased privileges or insert false information, but the latter can also be damaging as it can expose sensitive information or corrupt or destroy vital system or application files. Alternatively, the endpoint file may serve as input to the targeted application. This can be used to feed malformed input into the target or to cause the target to process different information, possibly allowing the attacker to control the actions of the target or to cause the target to expose information to the attacker. Moreover, the actions taken on the endpoint file are undertaken with the permissions of the targeted user or application, which may exceed the permissions that the attacker would normally have.
Accessing, Modifying or Executing Executable Files
An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
Manipulating Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.

Nessus

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2007-0905.NASL
description	Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and
last seen	2020-06-01
modified	2020-06-02
plugin id	26973
published	2007-10-12
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26973
title	CentOS 4 / 5 : kdebase (CESA-2007:0905)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2007:0905 and # CentOS Errata and Security Advisory 2007:0905 respectively. # include("compat.inc"); if (description) { script_id(26973); script_version("1.24"); script_cvs_date("Date: 2019/10/25 13:36:03"); script_cve_id("CVE-2007-3820", "CVE-2007-4224", "CVE-2007-4569"); script_bugtraq_id(24912); script_xref(name:"RHSA", value:"2007:0905"); script_name(english:"CentOS 4 / 5 : kdebase (CESA-2007:0905)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and 'shutdown with password' were enabled. A local user would have been able to login via KDM as any user without requiring a password. (CVE-2007-4569) Two Konqueror address spoofing flaws were discovered. A malicious website could spoof the Konqueror address bar, tricking a victim into believing the page was from a different site. (CVE-2007-3820, CVE-2007-4224) Users of KDE should upgrade to these updated packages, which contain backported patches to correct these issues." ); # https://lists.centos.org/pipermail/centos-announce/2007-October/014285.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c583dbe4" ); # https://lists.centos.org/pipermail/centos-announce/2007-October/014294.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?21121cef" ); # https://lists.centos.org/pipermail/centos-announce/2007-October/014295.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?70b9641a" ); # https://lists.centos.org/pipermail/centos-announce/2007-October/014298.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?96790c92" ); # https://lists.centos.org/pipermail/centos-announce/2007-October/014299.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?996c6225" ); script_set_attribute( attribute:"solution", value:"Update the affected kdebase packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(59, 264); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kdebase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kdebase-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/07/16"); script_set_attribute(attribute:"patch_publication_date", value:"2007/10/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) \|\| "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(4\|5)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-4", reference:"kdebase-3.3.1-6.el4")) flag++; if (rpm_check(release:"CentOS-4", reference:"kdebase-devel-3.3.1-6.el4")) flag++; if (rpm_check(release:"CentOS-5", reference:"kdebase-3.5.4-15.el5.centos")) flag++; if (rpm_check(release:"CentOS-5", reference:"kdebase-devel-3.5.4-15.el5.centos")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-devel"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2007-716.NASL
description	The remote Fedora Core host is missing one or more security updates : kdebase-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-4225, CVE-2007-3820 - rh#299741, CVE-2007-4569 - Mon Jul 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-0.fc6.2 - fix #244906 kdelibs-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-3820 konqueror address bar spoofing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	26935
published	2007-10-09
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/26935
title	Fedora Core 6 : kdebase-3.5.7-1.fc6 / kdelibs-3.5.7-1.fc6 (2007-716)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2007-716. # include("compat.inc"); if (description) { script_id(26935); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:26"); script_cve_id("CVE-2007-3820", "CVE-2007-4224", "CVE-2007-4225", "CVE-2007-4569"); script_xref(name:"FEDORA", value:"2007-716"); script_name(english:"Fedora Core 6 : kdebase-3.5.7-1.fc6 / kdelibs-3.5.7-1.fc6 (2007-716)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The remote Fedora Core host is missing one or more security updates : kdebase-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-4225, CVE-2007-3820 - rh#299741, CVE-2007-4569 - Mon Jul 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-0.fc6.2 - fix #244906 kdelibs-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-3820 konqueror address bar spoofing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2007-October/004054.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?35a04b05" ); # https://lists.fedoraproject.org/pipermail/package-announce/2007-October/004055.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d12013e1" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(59, 264); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs-apidocs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:6"); script_set_attribute(attribute:"patch_publication_date", value:"2007/10/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/09"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 6.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC6", reference:"kdebase-3.5.7-1.fc6")) flag++; if (rpm_check(release:"FC6", reference:"kdebase-debuginfo-3.5.7-1.fc6")) flag++; if (rpm_check(release:"FC6", reference:"kdebase-devel-3.5.7-1.fc6")) flag++; if (rpm_check(release:"FC6", reference:"kdelibs-3.5.7-1.fc6")) flag++; if (rpm_check(release:"FC6", reference:"kdelibs-apidocs-3.5.7-1.fc6")) flag++; if (rpm_check(release:"FC6", reference:"kdelibs-debuginfo-3.5.7-1.fc6")) flag++; if (rpm_check(release:"FC6", reference:"kdelibs-devel-3.5.7-1.fc6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-debuginfo / kdebase-devel / kdelibs / etc"); }

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20071008_KDELIBS_ON_SL5_X.NASL
description	Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
last seen	2020-06-01
modified	2020-06-02
plugin id	60263
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60263
title	Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60263); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:17"); script_cve_id("CVE-2007-0242", "CVE-2007-0537", "CVE-2007-1308", "CVE-2007-1564", "CVE-2007-3820", "CVE-2007-4224"); script_name(english:"Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1564) Two Konqueror address spoofing flaws have been discovered. It was possible for a malicious website to cause the Konqueror address bar to display information which could trick a user into believing they are at a different website than they actually are. (CVE-2007-3820, CVE-2007-4224)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0710&L=scientific-linux-errata&T=0&P=778 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7627dbff" ); script_set_attribute( attribute:"solution", value: "Update the affected kdelibs, kdelibs-apidocs and / or kdelibs-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(59, 79, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/10/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"kdelibs-3.3.1-9.el4")) flag++; if (rpm_check(release:"SL4", reference:"kdelibs-devel-3.3.1-9.el4")) flag++; if (rpm_check(release:"SL5", reference:"kdelibs-3.5.4-13.el5")) flag++; if (rpm_check(release:"SL5", reference:"kdelibs-apidocs-3.5.4-13.el5")) flag++; if (rpm_check(release:"SL5", reference:"kdelibs-devel-3.5.4-13.el5")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2007-2361.NASL
description	- Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-13.1 - rh#299731, CVE-2007-4569 - Wed Aug 15 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 6:3.5.7-13 - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 - License: GPLv2 - Requires: kdelibs3(-devel) - Fri Jul 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-12 - fix unpackaged files - Fri Jul 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-9 - %ifnarch s390 s390x: BR: lm_sensors - Thu Jul 19 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-7 - omit dirs owned by kde-filesystem - Mon Jul 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-6 - fix bz#244906 - Wed Jun 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-5 - Provides: kdebase3(-devel) - Wed Jun 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-4 - -devel: Requires: %name... - portability++ - Fri Jun 15 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-3 - specfile portability - Mon Jun 11 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-2 - fix BR: kdelibs-devel - cleanup Req
last seen	2020-06-01
modified	2020-06-02
plugin id	27769
published	2007-11-06
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27769
title	Fedora 7 : kdebase-3.5.7-13.1.fc7 (2007-2361)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2007-2361. # include("compat.inc"); if (description) { script_id(27769); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:25"); script_cve_id("CVE-2007-3820", "CVE-2007-4224", "CVE-2007-4225", "CVE-2007-4569"); script_xref(name:"FEDORA", value:"2007-2361"); script_name(english:"Fedora 7 : kdebase-3.5.7-13.1.fc7 (2007-2361)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-13.1 - rh#299731, CVE-2007-4569 - Wed Aug 15 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 6:3.5.7-13 - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 - License: GPLv2 - Requires: kdelibs3(-devel) - Fri Jul 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-12 - fix unpackaged files - Fri Jul 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-9 - %ifnarch s390 s390x: BR: lm_sensors - Thu Jul 19 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-7 - omit dirs owned by kde-filesystem - Mon Jul 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-6 - fix bz#244906 - Wed Jun 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-5 - Provides: kdebase3(-devel) - Wed Jun 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-4 - -devel: Requires: %name... - portability++ - Fri Jun 15 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-3 - specfile portability - Mon Jun 11 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-2 - fix BR: kdelibs-devel - cleanup Req's wrt kde-settings - Mon Jun 11 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc7.1 - remove kdebase-3.4.2-npapi-64bit-fixes.patch, it's included in new upstream - Wed Jun 6 2007 Than Ngo <than at redhat.com> - 6:3.5.7-0.1 - 3.5.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=299731" ); # https://lists.fedoraproject.org/pipermail/package-announce/2007-October/003992.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?cca76192" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_cwe_id(59, 264); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-extras"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7"); script_set_attribute(attribute:"patch_publication_date", value:"2007/10/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^7([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC7", reference:"kdebase-3.5.7-13.1.fc7")) flag++; if (rpm_check(release:"FC7", reference:"kdebase-debuginfo-3.5.7-13.1.fc7")) flag++; if (rpm_check(release:"FC7", reference:"kdebase-devel-3.5.7-13.1.fc7")) flag++; if (rpm_check(release:"FC7", reference:"kdebase-extras-3.5.7-13.1.fc7")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-debuginfo / kdebase-devel / kdebase-extras"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_FILESHARESET-4433.NASL
description	Users could log in as root without having to enter the password if auto login was enabled and if kdm was configured to require the root passwort to shutdown the system. (CVE-2007-4569) JavaScript code could modify the URL in the address bar to make the currently displayed website appear to come from a different site. (CVE-2007-4224)
last seen	2020-06-01
modified	2020-06-02
plugin id	29429
published	2007-12-13
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/29429
title	SuSE 10 Security Update : KDE (ZYPP Patch Number 4433)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(29429); script_version ("1.19"); script_cvs_date("Date: 2019/10/25 13:36:29"); script_cve_id("CVE-2007-4224", "CVE-2007-4569"); script_name(english:"SuSE 10 Security Update : KDE (ZYPP Patch Number 4433)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Users could log in as root without having to enter the password if auto login was enabled and if kdm was configured to require the root passwort to shutdown the system. (CVE-2007-4569) JavaScript code could modify the URL in the address bar to make the currently displayed website appear to come from a different site. (CVE-2007-4224)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-4224.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2007-4569.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 4433."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C"); script_cwe_id(59, 264); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/09/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:1, reference:"fileshareset-2.0-84.57")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-beagle-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-devel-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-kdm-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-ksysguardd-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-nsplugin-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-samba-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdebase3-session-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdelibs3-3.5.1-49.39")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdelibs3-arts-3.5.1-49.39")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdelibs3-devel-3.5.1-49.39")) flag++; if (rpm_check(release:"SLED10", sp:1, reference:"kdelibs3-doc-3.5.1-49.39")) flag++; if (rpm_check(release:"SLED10", sp:1, cpu:"x86_64", reference:"kdebase3-32bit-3.5.1-69.58")) flag++; if (rpm_check(release:"SLED10", sp:1, cpu:"x86_64", reference:"kdelibs3-32bit-3.5.1-49.39")) flag++; if (rpm_check(release:"SLED10", sp:1, cpu:"x86_64", reference:"kdelibs3-arts-32bit-3.5.1-49.39")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"fileshareset-2.0-84.57")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-devel-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-extra-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-kdm-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-ksysguardd-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-nsplugin-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-samba-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdebase3-session-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdelibs3-3.5.1-49.39")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdelibs3-arts-3.5.1-49.39")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdelibs3-devel-3.5.1-49.39")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"kdelibs3-doc-3.5.1-49.39")) flag++; if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"kdebase3-32bit-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"kdebase3-nsplugin64-3.5.1-69.58")) flag++; if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"kdelibs3-32bit-3.5.1-49.39")) flag++; if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"kdelibs3-arts-32bit-3.5.1-49.39")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2007-0909.NASL
description	Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
last seen	2020-06-01
modified	2020-06-02
plugin id	26952
published	2007-10-09
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26952
title	RHEL 4 / 5 : kdelibs (RHSA-2007:0909)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2007-0909.NASL
description	From Red Hat Security Advisory 2007:0909 : Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
last seen	2020-06-01
modified	2020-06-02
plugin id	67574
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67574
title	Oracle Linux 4 / 5 : kdelibs (ELSA-2007-0909)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2007-0909.NASL
description	Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
last seen	2020-06-01
modified	2020-06-02
plugin id	26974
published	2007-10-12
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26974
title	CentOS 4 / 5 : kdelibs (CESA-2007:0909)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-502-1.NASL
description	It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	28106
published	2007-11-10
reporter	Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/28106
title	Ubuntu 6.06 LTS / 6.10 / 7.04 : kdebase, kdelibs vulnerabilities (USN-502-1)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_14AD2A2866D211DCB25F02E0185F8D72.NASL
description	The KDE development team reports : The Konqueror address bar is vulnerable to spoofing attacks that are based on embedding white spaces in the url. In addition the address bar could be tricked to show an URL which it is intending to visit for a short amount of time instead of the current URL.
last seen	2020-06-01
modified	2020-06-02
plugin id	26085
published	2007-09-24
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26085
title	FreeBSD : konquerer -- address bar spoofing (14ad2a28-66d2-11dc-b25f-02e0185f8d72)

NASL family	SuSE Local Security Checks
NASL id	SUSE_FILESHARESET-4454.NASL
description	Users could log in as root without having to enter the password if auto login was enabled and if kdm was configured to require the root passwort to shutdown the system (CVE-2007-4569). JavaScript code could modify the URL in the address bar to make the currently displayed website appear to come from a different site (CVE-2007-4224).
last seen	2020-06-01
modified	2020-06-02
plugin id	27217
published	2007-10-17
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27217
title	openSUSE 10 Security Update : fileshareset (fileshareset-4454)

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2007-176.NASL
description	konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. (CVE-2007-3820) KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. (CVE-2007-4224) Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion. (CVE-2007-4225) Updated packages fix these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	26008
published	2007-09-07
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26008
title	Mandrake Linux Security Advisory : konqueror (MDKSA-2007:176)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2007-1699.NASL
description	This update primarily addresses problems with URL spoofing and consolekit/session permissions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	27728
published	2007-11-06
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27728
title	Fedora 7 : kdelibs-3.5.7-20.fc7 (2007-1699)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20071008_KDEBASE_ON_SL5_X.NASL
description	Kees Huijgen found a flaw in the way KDM handled logins when autologin and
last seen	2020-06-01
modified	2020-06-02
plugin id	60262
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60262
title	Scientific Linux Security Update : kdebase on SL5.x, SL4.x i386/x86_64

NASL family	Slackware Local Security Checks
NASL id	SLACKWARE_SSA_2007-264-01.NASL
description	New kdebase packages are available for Slackware 12.0 to fix security issues. A long URL padded with spaces could be used to display a false URL in Konqueror
last seen	2020-06-01
modified	2020-06-02
plugin id	26113
published	2007-09-24
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26113
title	Slackware 12.0 : kdebase, kdelibs (SSA:2007-264-01)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2007-0905.NASL
description	Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and
last seen	2020-06-01
modified	2020-06-02
plugin id	26951
published	2007-10-09
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26951
title	RHEL 4 / 5 : kdebase (RHSA-2007:0905)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2007-0905.NASL
description	From Red Hat Security Advisory 2007:0905 : Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and
last seen	2020-06-01
modified	2020-06-02
plugin id	67573
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67573
title	Oracle Linux 4 / 5 : kdebase (ELSA-2007-0905)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2007-1700.NASL
description	This update primarily addresses security issues around URL spoofing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	27729
published	2007-11-06
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27729
title	Fedora 7 : kdebase-3.5.7-13.fc7 (2007-1700)

Oval

accepted

2013-04-29T04:23:00.583-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.

family

unix

oval:org.mitre.oval:def:9879

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.

version

Redhat

advisories

bugzilla

id	299891
title	CVE-2007-1308 kdelibs KDE JavaScript denial of service (crash)

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 4 is installed
oval oval:com.redhat.rhba:tst:20070304025

AND
comment kdelibs-devel is earlier than 6:3.3.1-9.el4
oval oval:com.redhat.rhsa:tst:20070909001
comment kdelibs-devel is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060184002
AND
comment kdelibs is earlier than 6:3.3.1-9.el4
oval oval:com.redhat.rhsa:tst:20070909003
comment kdelibs is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060184004

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment kdelibs-apidocs is earlier than 6:3.5.4-13.el5
oval oval:com.redhat.rhsa:tst:20070909006
comment kdelibs-apidocs is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070909007
AND
comment kdelibs-devel is earlier than 6:3.5.4-13.el5
oval oval:com.redhat.rhsa:tst:20070909008
comment kdelibs-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070909009
AND
comment kdelibs is earlier than 6:3.5.4-13.el5
oval oval:com.redhat.rhsa:tst:20070909010
comment kdelibs is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070909011

rhsa

id	RHSA-2007:0909
released	2008-01-08
severity	Moderate
title	RHSA-2007:0909: kdelibs security update (Moderate)

rhsa
id RHSA-2007:0905

rpms

kdebase-6:3.3.1-6.el4
kdebase-6:3.5.4-15.el5
kdebase-debuginfo-6:3.3.1-6.el4
kdebase-debuginfo-6:3.5.4-15.el5
kdebase-devel-6:3.3.1-6.el4
kdebase-devel-6:3.5.4-15.el5
kdelibs-6:3.3.1-9.el4
kdelibs-6:3.5.4-13.el5
kdelibs-apidocs-6:3.5.4-13.el5
kdelibs-debuginfo-6:3.3.1-9.el4
kdelibs-debuginfo-6:3.5.4-13.el5
kdelibs-devel-6:3.3.1-9.el4
kdelibs-devel-6:3.5.4-13.el5

Statements

contributor	Mark J Cox
lastmodified	2007-09-05
organization	Red Hat
statement	Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251708 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Oval

Redhat

Statements

References