dcopidlng Script Insecure Temporary File Creation Vulnerability

Vulnerability Details

Vulnerability Summary

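KDE is a free, open-source X desktop environment for Linux and Unix workstations, and DCOP is the protocol KDE uses for communication. The dcopidlng script is vulnerable to a symlink attack, which may allow a local user to overwrite arbitrary files belonging to a user who compiles KDE or a third-party KDE application that uses the dcopidlng script.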
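The bug class described above, as an added example that is not dcopidlng's own code: a write to a predictable temporary file name follows a symlink already at that path, while `mktemp` creates a fresh file exclusively. The function names, the `build.stderr` file name and the sandbox layout are constructed for illustration.

```shell
#!/bin/sh
# Constructed illustration of the bug class; not dcopidlng's code.

# Unsafe: predictable name (PID suffix) in a shared directory.
# The '>' redirection follows a symlink already present at that path.
unsafe_log() {                       # $1 = directory, $2 = text
    printf '%s\n' "$2" > "$1/build.stderr.$$"
}

# Hardened: mktemp picks an unpredictable name and creates the file
# exclusively (it fails rather than reusing an existing path), mode 0600.
safe_log() {                         # prints the path it created
    tmp=$(mktemp "$1/build.stderr.XXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
    printf '%s\n' "$tmp"
}

# Runs both variants inside a private sandbox directory and reports
# the protected file's content after each one.
demo() {
    work=$(mktemp -d) || return 1
    shared="$work/shared"; victim="$work/victim.txt"
    mkdir "$shared"
    printf 'important\n' > "$victim"
    ln -s "$victim" "$shared/build.stderr.$$"   # symlink at the guessable name

    unsafe_log "$shared" "compiler noise"
    after_unsafe=$(cat "$victim")

    printf 'important\n' > "$victim"            # restore, then try the safe form
    out=$(safe_log "$shared" "compiler noise") || return 1
    after_safe=$(cat "$victim")
    if [ -f "$out" ] && [ ! -L "$out" ]; then kind=regular; else kind=other; fi

    rm -rf "$work"
    printf '%s|%s|%s\n' "$after_unsafe" "$after_safe" "$kind"
}

demo
```

The first field shows the protected file replaced by the build output; the second shows it untouched when `mktemp` is used.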

Vulnerability Advisory

The vendor has released upgrade patches that fix this security issue. Patch download links:

KDE KDE 3.2

KDE post-3.2.3-kdelibs-dcop.patch

ftp://ftp.kde.org/pub/kde/security_patches

KDE KDE 3.4

http://www.kde.org/download/

Mandrake kdelibs-common-3.2-36.10.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.10.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.10.C30mdk.i586.rpm

Mandrake Corporate Server 3.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.10.C30mdk.x86_64.rpm

Mandrake Corporate Server 3.0/x86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.12.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.12.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.12.C30mdk.i586.rpm

Mandrake Corporate 3.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake kdelibs-common-3.2-36.12.C30mdk.x86_64.rpm

Mandrake Corporate 3.0/x86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-3.2-36.10.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-3.2-36.10.C30mdk.x86_64.rpm

Mandrake Corporate Server 3.0/x86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-3.2-36.12.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-3.2-36.12.C30mdk.x86_64.rpm

Mandrake Corporate 3.0/x86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-devel-3.2-36.10.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-devel-3.2-36.10.C30mdk.x86_64.rpm

Mandrake Corporate Server 3.0/x86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-devel-3.2-36.12.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64kdecore4-devel-3.2-36.12.C30mdk.x86_64.rpm

Mandrake Corporate 3.0/x86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-3.2-36.10.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-3.2-36.10.C30mdk.i586.rpm

Mandrake Corporate Server 3.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-3.2-36.12.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-3.2-36.12.C30mdk.i586.rpm

Mandrake Corporate 3.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-devel-3.2-36.10.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-devel-3.2-36.10.C30mdk.i586.rpm

Mandrake Corporate Server 3.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-devel-3.2-36.12.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake libkdecore4-devel-3.2-36.12.C30mdk.i586.rpm

Mandrake Corporate 3.0

http://www.mandrakesecure.net/en/ftp.php

KDE KDE 3.2.1

KDE post-3.2.3-kdelibs-dcop.patch

ftp://ftp.kde.org/pub/kde/security_patches

KDE KDE 3.4

http://www.kde.org/download/

KDE KDE 3.2.2

Fedora kdelibs-3.2.2-14.FC2.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora kdelibs-3.2.2-14.FC2.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora kdelibs-debuginfo-3.2.2-14.FC2.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora kdelibs-debuginfo-3.2.2-14.FC2.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora kdelibs-devel-3.2.2-14.FC2.i386.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Fedora kdelibs-devel-3.2.2-14.FC2.x86_64.rpm

RedHat Fedora Core 2

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

KDE post-3.2.3-kdelibs-dcop.patch

ftp://ftp.

References

Source: www.kde.org

Link: http://www.kde.org/info/security/advisory-20050316-2.txt

Source: GENTOO

Name: GLSA-200503-14

Link: http://security.gentoo.org/glsa/glsa-200503-14.xml

Source: BUGTRAQ

Name: 20050211 insecure temporary file creation in kdelibs 3.3.2

Link: http://marc.theaimsgroup.com/?l=bugtraq&m=110814653804757&w=2

Source: bugs.kde.org

Link: http://bugs.kde.org/show_bug.cgi?id=97608

Source: REDHAT

Name: RHSA-2005:325

Link: http://www.redhat.com/support/errata/RHSA-2005-325.html

Source: MANDRAKE

Name: MDKSA-2005:058

Link: http://www.mandriva.com/security/advisories?name=MDKSA-2005:058

Source: MANDRAKE

Name: MDKSA-2005:045

Link: http://www.mandriva.com/security/advisories?name=MDKSA-2005:045

Source: SECTRACK

Name: 1013525

Link: http://securitytracker.com/id?1013525

Source: SECUNIA

Name: 14254

Link: http://secunia.com/advisories/14254

Source: FEDORA

Name: FEDORA-2005-245

Link: http://fedoranews.org/updates/FEDORA-2005-245.shtml

Affected Entities
