CVE-2005-1920
CVSS 5.0
Published: 2005-07-26 00:00:00
Revised: 2016-10-17 23:23:16

[Original] The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.


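[CNNVD] KDE Kate/Kwrite information disclosure vulnerability (CNNVD-200507-254)

        KDE is a free, open-source X desktop environment for Linux and Unix workstations; Kate/KWrite are KDE's text editors.
        Kate/Kwrite have an information disclosure vulnerability. Because Kate/Kwrite do not correctly give the backup file the same access permissions as the original file, a local attacker may be able to obtain sensitive information by reading the contents of the backup file.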
        

- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (Affected platforms and products)

cpe:/o:kde:kde:3.2.2
cpe:/o:kde:kde:3.3.1
cpe:/o:kde:kde:3.4.0
cpe:/o:kde:kde:3.2
cpe:/o:kde:kde:3.2.1
cpe:/o:kde:kde:3.3
cpe:/o:kde:kde:3.2.3
cpe:/o:kde:kde:3.3.2
cpe:/o:kde:kde:3.4

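- OVAL (Technical details for detection)

oval:org.mitre.oval:def:9434
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were ...
*OVAL describes in detail how to detect this vulnerability; further technical details for detecting it can be found in the related OVAL definition.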

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1920
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1920
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200507-254
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=112171434023679&w=2
(UNKNOWN)  BUGTRAQ  20050718 [KDE Security Advisory]: Kate backup file permission leak
http://security.gentoo.org/glsa/glsa-200611-21.xml
(UNKNOWN)  GENTOO  GLSA-200611-21
http://securitytracker.com/id?1014512
(UNKNOWN)  SECTRACK  1014512
http://www.debian.org/security/2005/dsa-804
(UNKNOWN)  DEBIAN  DSA-804
http://www.kde.org/info/security/advisory-20050718-1.txt
(VENDOR_ADVISORY)  CONFIRM  http://www.kde.org/info/security/advisory-20050718-1.txt
http://www.novell.com/linux/security/advisories/2005_18_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:018
http://www.redhat.com/support/errata/RHSA-2005-612.html
(UNKNOWN)  REDHAT  RHSA-2005:612
http://www.securityfocus.com/archive/1/archive/1/427976/100/0/threaded
(UNKNOWN)  FEDORA  FLSA:178606
http://www.securityfocus.com/bid/14297
(UNKNOWN)  BID  14297

- Vulnerability information

KDE Kate/Kwrite information disclosure vulnerability
Medium severity  Design error
2005-07-26 00:00:00 2005-10-20 00:00:00
Local

- Advisories and patches

        The vendor has released an upgrade patch to fix this security issue. The patch is available at:
        http://www.kde.org/info/security/advisory-20050718-1.txt

- Vulnerability information (F38760)

KDE Security Advisory 2005-07-18.1 (PacketStormID:F38760)
2005-07-19 00:00:00
KDE Desktop  kde.org
advisory
CVE-2005-1920

KDE Security Advisory: Kate / Kwrite create a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. Depending on the system security settings, backup files might be readable by other users. All maintained versions of Kate and Kwrite as shipped with KDE 3.2.x up to including 3.4.0. KDE 3.1.x and older and KDE 3.4.1 and newer are not affected.

KDE Security Advisory: Kate backup file permission leak
Original Release Date: 2005-07-18
URL: http://www.kde.org/info/security/advisory-20050718-1.txt

0. References
        CVE CAN-2005-1920
        https://bugs.kde.org/show_bug.cgi?id=103331


1. Systems affected:

        All maintained versions of Kate and Kwrite as shipped with
        KDE 3.2.x up to including 3.4.0. KDE 3.1.x and older and
        KDE 3.4.1 and newer are not affected.


2. Overview:

        Kate / Kwrite create a file backup before saving a modified
        file. These backup files are created with default permissions,
        even if the original file had more strict permissions set.


3. Impact:

        Depending on the system security settings, backup files
        might be readable by other users.  Kate / Kwrite are
        network transparent applications and therefore this
        vulnerability might not be restricted to local users.


4. Solution:

        Source code patches have been made available which fix these
        vulnerabilities. Contact your OS vendor / binary package provider
        for information about how to obtain updated binary packages.


5. Patch:

        A patch for KDE 3.4.0 is available from
        ftp://ftp.kde.org/pub/kde/security_patches :

        50f7bc6d8cf4b7aaa65e4e8062fc46c9  post-3.4.0-kdelibs-kate.diff

        A patch for KDE 3.3.x is available from
        ftp://ftp.kde.org/pub/kde/security_patches :

        138c3252883171d55ec24ed0318950fd  post-3.3.2-kdelibs-kate.diff

        A patch for KDE 3.2.x is available from
        ftp://ftp.kde.org/pub/kde/security_patches :

        56667c05f545e8c9711c35bf78497bfd  post-3.2.3-kdelibs-kate.diff

-- 
Dirk//\
    

- Vulnerability information

18063
KDE Kate/KWrite Backup File Insecure Permission Information Disclosure
Local Access Required Information Disclosure, Race Condition
Loss of Confidentiality
Exploit Public Vendor Verified

- Vulnerability description

Kate/KWrite create a file backup before saving a modified file. These backup files are created with default permissions (as set by umask), even if the original file had more strict permissions set. Depending on system setup, relaxed permissions may make the backup file readable to users who would not have read permission to the original file. Kate/KWrite are network transparent, therefore this disclosure might not be limited to local users.

- Timeline

2005-04-06 Unknown
2005-04-06 Unknown

- Solution

Upgrade to KDE version 3.4.1 or higher, as it has been reported to fix this vulnerability. Code patches are provided by KDE for all vulnerable versions. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages.

- Vulnerability information

KDE Kate, KWrite Local Backup File Information Disclosure Vulnerability
Design Error 14297
No Yes
2005-07-18 12:00:00 2006-12-22 12:04:00
bjoern@cs.tu-berlin.de reported this issue to the vendor.

- Affected software versions

Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
KDE kdelibs 3.0
+ KDE KDE 3.1
KDE KDE 3.4
KDE KDE 3.3.2
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
KDE KDE 3.3.2
KDE KDE 3.3.1
+ Red Hat Fedora Core3
KDE KDE 3.3
KDE KDE 3.2.3
KDE KDE 3.2.2
+ KDE KDE 3.2.2
+ Red Hat Fedora Core2
KDE KDE 3.2.1
KDE KDE 3.2
Gentoo Linux
Conectiva Linux 10.0
KDE KDE 3.4.1
+ Red Hat Fedora Core4

- Unaffected software versions

KDE KDE 3.4.1
+ Red Hat Fedora Core4

- Discussion

KDE kate and kwrite are susceptible to a local information-disclosure vulnerability. The applications fail to maintain secure file permissions when creating backup files.

This vulnerability allows local attackers to gain access to the contents of potentially sensitive files.

Note: Since these applications are network-aware, under some unknown circumstances, this issue may not be restricted to local attackers.

- Exploit

An exploit is not required.

- Solution

Please see the referenced advisories for more information.


KDE kdelibs 3.0

KDE KDE 3.2

KDE KDE 3.2.1

KDE KDE 3.2.2

KDE KDE 3.2.3

KDE KDE 3.3

KDE KDE 3.3.1

KDE KDE 3.3.2

KDE KDE 3.3.2

KDE KDE 3.4
