|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:045: kdelibs Vulnerability Scan
Vulnerability Scan Summary Check for the version of the kdelibs package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:045 (kdelibs).
A bug in the way kioslave handles URL-encoded newline (%0a) characters before
the FTP command was discovered. Because of this, it is possible that a
specially crafted URL could be used to execute any ftp command on a remote
server, or even send unsolicited email.
As well, Davide Madrisan discovered that dcopidlng created temporary files in
an insecure manner.
The updated packages are patched to deal with these issues.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:045
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|