Jump to content

Advisories (MDKSA-2006:105 ): kdebase


Recommended Posts

Mandriva Advisories MDKSA-2006:105 : kdebase


Updated kdebase packages fix local vulnerability in kdm

June 15th, 2006


A problem with how kdm manages the ~/.dmrc file was discovered by


Ludwig Nussel.By using a symlink attack, a local user could get kdm


to read arbitrary files on the system, including privileged system


files and those belonging to other users.




The updated packages have been patched to correct these issues.



The released versions of Mandriva GNU/Linux affected are:

  • CS3.0
  • 2006.0

Full information about this advisory, including the updated packages, is available at:



Other references:



Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)

Link to comment
Share on other sites


  • Create New...