exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2010-0436

Status Candidate

Overview

Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

Related Files

Gentoo Linux Security Advisory 201412-08
Posted Dec 12, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.

tags | advisory, remote, local, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2006-3005, CVE-2007-2741, CVE-2008-0553, CVE-2008-1382, CVE-2008-5907, CVE-2008-6218, CVE-2008-6661, CVE-2009-0040, CVE-2009-0360, CVE-2009-0361, CVE-2009-0946, CVE-2009-2042, CVE-2009-2624, CVE-2009-3736, CVE-2009-4029, CVE-2009-4411, CVE-2009-4896, CVE-2010-0001, CVE-2010-0436, CVE-2010-0732, CVE-2010-0829, CVE-2010-1000, CVE-2010-1205, CVE-2010-1511, CVE-2010-2056, CVE-2010-2060, CVE-2010-2192, CVE-2010-2251
MD5 | 4988293251dc9709a0f0caf5c1076c9b
KDE TOCTOU Vulnerability Case Study
Posted Nov 4, 2013
Authored by x90c

This write up is an in-depth analysis of the CVE-2010-0436 KDE TOCTTOU vulnerability.

tags | paper
advisories | CVE-2010-0436
MD5 | c89ed85b6fbef0c89d335ddf5983516d
Ubuntu Security Notice 932-1
Posted Apr 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 932-1 - Sebastian Krahmer discovered a race condition in the KDE Display Manager (KDM). A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2010-0436
MD5 | 1bd5326137a0792b6fce3e2eb2bcd066
Debian Linux Security Advisory 2037-1
Posted Apr 19, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2037-1 - Sebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager, allow a local user to elevate privileges to root.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2010-0436
MD5 | 34d067a38b95acb14def6dc4fad6d3e6
Mandriva Linux Security Advisory 2010-074
Posted Apr 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-074 - A vulnerability has been found and corrected in kdm. KDM contains a race condition that allows local attackers to make arbitrary files on the system world-writeable. This can happen while KDM tries to create its control socket during user login. This vulnerability has been discovered by Sebastian Krahmer from the SUSE Security Team. It is advised to reboot the computer after applying the updated packages in order to the security fix to take full effect. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, local
systems | linux, suse, mandriva
advisories | CVE-2010-0436
MD5 | fccb0c5255320e2b360adcdcfc731cb5
Page 1 of 1
Back1Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    9 Files
  • 17
    Jun 17th
    33 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close