Bugtraq mailing list archives
Hole in the KDE desktop
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Mon, 5 May 1997 19:47:35 +0100
KDE is a sort of neat desktop built on the Qt widget class (see http://www.kde.org). A word of warning to anyone running it however - the file manager talks to the other modules over a basically unsecured TCP socket. You can ask it to copy files and all sorts of lovely stuff. Fortunately its not got any obvious major features (the file copy for example is to their local disk). However if you can get a file onto their box (eg into their anonymous ftp area) you can ask kfm to copy it to ~user/.rhosts The fix appears to be to make the KDE software communicate over an AF_UNIX socket and set file permissions appropriately on the socket name. This requires you rebuild a fair chunk of the KDE software but the end result seems to work as well as before. I've tried reporting bugs to the KDE authors, all I got was abuse so I'll log it here instead in the hope someone sensible from the KDE project reads this. Alan
Current thread:
- Re: Buffer Overflows: A Summary Bill Trost (May 01)
- Re: Buffer Overflows: A Summary Tommy Marcus McGuire (May 02)
- Re: Buffer Overflows: A Summary Gene Spafford (May 02)
- Windows NT 4.0 SAM hotfix Aleph One (May 02)
- Re: Buffer Overflows: A Summary Lamont Granquist (May 03)
- Solaris lpNet & temp files (exploit) Chris Sheldon (May 03)
- Re: Solaris lpNet & temp files (exploit) Casper Dik (May 07)
- A bug in Elm fflush (May 04)
- Re: A bug in Elm Larry Schwimmer (May 04)
- Hole in the KDE desktop Alan Cox (May 05)
- A vulnerability in Lynx (all versions) fflush (May 05)
- Re: A vulnerability in Lynx (all versions) Theo de Raadt (May 05)
- SGI Security Advisory 19970101-02-PX - csetup Program SGI Security Coordinator (May 05)
- Re: Buffer Overflows: A Summary Tommy Marcus McGuire (May 02)
- Re: Buffer Overflows: A Summary Thomas H. Ptacek (May 02)
- Comments on NT user list exploit webroot (May 05)
- Re: Buffer Overflows: A Summary Adam Shostack (May 05)
- Re: Buffer Overflows: A Summary Eilon Gishri (May 06)
- Administratrivia Aleph One (May 06)
- SGI Security Advisory 19970501-01-A - Vulnerability in webdist.cgi SGI Security Coordinator (May 06)
- Re: SGI Security Advisory 19970501-01-A - Vulnerability in Kari E. Hurtta (May 06)