Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200502-23] KStars: Buffer overflow in fliccd Vulnerability Scan
Vulnerability Scan Summary
KStars: Buffer overflow in fliccd
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200502-23
(KStars: Buffer overflow in fliccd)
Erik Sjolund discovered a buffer overflow in fliccd which is part
of the INDI support in KStars.
A possible hacker could exploit this vulnerability to execute code with
elevated rights. If fliccd does not run as daemon remote
exploitation of this vulnerability is not possible. KDE as shipped by
Gentoo does not start the daemon in the default installation.
There is no known workaround at this time.
All KStars users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=kde-base/kdeedu-3.3.2-r1"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.