Slackware Advisory SSA:2005-251-01 Kcheckpass In Kdebase Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2005-251-01.

Solution

http://www.kde.org/info/security/advisory-20050905-1.txt https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-251-01

Insight

New kdebase packages are available for Slackware 10.0, 10.1, and -current to fix a security issue with the kcheckpass program. Earlier versions of Slackware are not affected. A flaw in the way the program creates lockfiles could allow a local attacker to gain root privileges.

Severity

Classification

CVE CVE-2005-2494

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2006-045-09 xpdf
Slackware Advisory SSA:2005-251-04 php5 in Slackware 10.1
Slackware Advisory SSA:2004-119-01 kernel security updates
Slackware Advisory SSA:2003-308-01 apache security update
Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory

Slackware Advisory SSA:2005-251-01 kcheckpass in kdebase

Take action and discover your vulnerabilities