Bugtraq mailing list archives
Re: KDE Security Advisory: Multiple vulnerabilities in KDE
From: fozzy () dmpfrance com
Date: Sun, 22 Dec 2002 23:07:44 GMT
The KDE Project is not aware of any existing exploits of these vulnerabilities
I'd like to stress out that, due to the nature of these vulnerabilities, exploitation can be very easy and "basic". Security-enhanced kernels (preventing buffer overflows and format string attacks) will not help. A bit like most MS Internet Explorer bugs BTW... ;-) After I found out some of these problems, the KDE Security Team has done a good job in finding and fixing all the potentially vulnerable instances of code. This is a major fix, so consider upgrading soon ! Fozzy The Hackademy Audit http://www.thehackademy.net/audit.php (french)
Current thread:
- KDE Security Advisory: Multiple vulnerabilities in KDE Dirk Mueller (Dec 21)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE fozzy (Dec 23)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE Florian Weimer (Dec 23)
- Re: KDE Security Advisory: Multiple vulnerabilities in KDE fozzy (Dec 23)