Gentoo Archives: gentoo-announce

From: Pierre-Yves Rofes <py@g.o>
To: gentoo-announce@l.g.o
Cc: full-disclosure@××××××××××××××.uk, bugtraq@×××××××××××××.com, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200710-15 ] KDM: Local privilege escalation
Date: Sun, 14 Oct 2007 22:59:42
Message-Id: 4712950C.8010500@gentoo.org
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5 Gentoo Linux Security Advisory GLSA 200710-15
6 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7 http://security.gentoo.org/
8 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10 Severity: High
11 Title: KDM: Local privilege escalation
12 Date: October 14, 2007
13 Bugs: #192373
14 ID: 200710-15
15
16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18 Synopsis
19 ========
20
21 KDM allows logins without password under certain circumstances allowing
22 a local user to gain elevated privileges.
23
24 Background
25 ==========
26
27 KDM is the Display Manager for the graphical desktop environment KDE.
28 It is part of the kdebase package.
29
30 Affected packages
31 =================
32
33 -------------------------------------------------------------------
34 Package / Vulnerable / Unaffected
35 -------------------------------------------------------------------
36 1 kde-base/kdm < 3.5.7-r2 >= 3.5.7-r2
37 2 kde-base/kdebase < 3.5.7-r4 >= 3.5.7-r4
38 -------------------------------------------------------------------
39 2 affected packages on all of their supported architectures.
40 -------------------------------------------------------------------
41
42 Description
43 ===========
44
45 Kees Huijgen discovered an error when checking the credentials which
46 can lead to a login without specifying a password. This only occurs
47 when auto login is configured for at least one user and a password is
48 required to shut down the machine.
49
50 Impact
51 ======
52
53 A local attacker could gain root privileges and execute arbitrary
54 commands by logging in as root without specifying root's password.
55
56 Workaround
57 ==========
58
59 There is no known workaround at this time.
60
61 Resolution
62 ==========
63
64 All KDM users should upgrade to the latest version:
65
66 # emerge --sync
67 # emerge --ask --oneshot --verbose ">=kde-base/kdm-3.5.7-r2"
68
69 All kdebase users should upgrade to the latest version:
70
71 # emerge --sync
72 # emerge --ask --oneshot --verbose ">=kde-base/kdebase-3.5.7-r4"
73
74 References
75 ==========
76
77 [ 1 ] CVE-2007-4569
78 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569
79
80 Availability
81 ============
82
83 This GLSA and any updates to it are available for viewing at
84 the Gentoo Security Website:
85
86 http://security.gentoo.org/glsa/glsa-200710-15.xml
87
88 Concerns?
89 =========
90
91 Security is a primary focus of Gentoo Linux and ensuring the
92 confidentiality and security of our users machines is of utmost
93 importance to us. Any security concerns should be addressed to
94 security@g.o or alternatively, you may file a bug at
95 http://bugs.gentoo.org.
96
97 License
98 =======
99
100 Copyright 2007 Gentoo Foundation, Inc; referenced text
101 belongs to its owner(s).
102
103 The contents of this document are licensed under the
104 Creative Commons - Attribution / Share Alike license.
105
106 http://creativecommons.org/licenses/by-sa/2.5
107 -----BEGIN PGP SIGNATURE-----
108 Version: GnuPG v1.4.7 (GNU/Linux)
109 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
110
111 iD8DBQFHEpUMuhJ+ozIKI5gRAhP4AJ9tJbrr9vjqjUZYwS3z83AZKvzB2gCfVy8Y
112 sufqCod8vQdMHkyDxK1Ypfs=
113 =7bv4
114 -----END PGP SIGNATURE-----
115 --
116 gentoo-announce@g.o mailing list