• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

KDE Network RESLISA LOGNAME Local Buffer Overflow Vulnerability

Solution:
Debian has released a security advisory. Information about obtaining and applying fixes can be found in the referenced advisory.

KDE has released an advisory. Users are advised to upgrade systems to KDE 3.0.5 or to apply appropriate patches.

Gentoo Linux has released an advisory. Users of kde-base/kdenetwork-3.0.4 and earlier are advised to update their systems by issuing the following commands:

emerge rsync
emerge kdenetwork
emerge clean

RedHat has released an advisory, RHSA-2002:220-40, that contains many fixes. Information about obtaining and applying fixes are available in the referenced advisory.

The following fixes are available:


LISa LISa 0.1

• LISa lisa-0.2.2.tar.bz2
  http://lisa-home.sourceforge.net/src/lisa-0.2.2.tar.bz2

LISa LISa 0.1.2

• LISa lisa-0.2.2.tar.bz2
  http://lisa-home.sourceforge.net/src/lisa-0.2.2.tar.bz2

KDE klisa 2.2.2

• Debian klisa_2.2.2-14.2_alpha.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_alpha.deb


• Debian klisa_2.2.2-14.2_arm.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_arm.deb


• Debian klisa_2.2.2-14.2_hppa.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_hppa.deb


• Debian klisa_2.2.2-14.2_i386.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_i386.deb


• Debian klisa_2.2.2-14.2_ia64.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_ia64.deb


• Debian klisa_2.2.2-14.2_m68k.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_m68k.deb


• Debian klisa_2.2.2-14.2_mips.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_mips.deb


• Debian klisa_2.2.2-14.2_mipsel.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_mipsel.deb


• Debian klisa_2.2.2-14.2_powerpc.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_powerpc.deb


• Debian klisa_2.2.2-14.2_s390.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_s390.deb


• Debian klisa_2.2.2-14.2_sparc.deb
  http://security.debian.org/pool/updates/main/k/kdenetwork/klisa_2.2.2- 14.2_sparc.deb

KDE KDE 3.0

• KDE KDE 3.0.5
  http://download.kde.org/stable/3.0.5/

KDE KDE 3.0.1

• KDE KDE 3.0.5
  http://download.kde.org/stable/3.0.5/

KDE KDE 3.0.2

• KDE KDE 3.0.5
  http://download.kde.org/stable/3.0.5/

KDE KDE 3.0.3

• KDE KDE 3.0.5
  http://download.kde.org/stable/3.0.5/


• MandrakeSoft kdenetwork-3.0.3-15.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft kdenetwork-devel-3.0.3-15.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• MandrakeSoft lisa-3.0.3-15.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php

KDE KDE 3.0.3 a

• KDE KDE 3.0.5
  http://download.kde.org/stable/3.0.5/

KDE KDE 3.0.4

• KDE KDE 3.0.5
  http://download.kde.org/stable/3.0.5/