ID CVE-2005-0396
Summary Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
References
Vulnerable Configurations
  • cpe:2.3:a:kde:dcopserver:3.3
    cpe:2.3:a:kde:dcopserver:3.3
  • cpe:2.3:a:kde:desktop_communication_protocol_daemon:3.3
    cpe:2.3:a:kde:desktop_communication_protocol_daemon:3.3
CVSS
Base: 2.1 (as of 07-06-2005 - 11:32)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-325.NASL
    description Updated kdelibs packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment. The International Domain Name (IDN) support in the Konqueror browser allowed remote attackers to spoof domain names using punycode encoded domain names. Such domain names are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0237 to this issue. Sebastian Krahmer discovered a flaw in dcopserver, the KDE Desktop Communication Protocol (DCOP) daemon. A local user could use this flaw to stall the DCOP authentication process, affecting any local desktop users and causing a reduction in their desktop functionality. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0396 to this issue. A flaw in the dcopidlng script was discovered. The dcopidlng script would create temporary files with predictable filenames which could allow local users to overwrite arbitrary files via a symlink attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0365 to this issue. Users of KDE should upgrade to these erratum packages which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 17625
    published 2005-03-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17625
    title RHEL 4 : kdelibs (RHSA-2005:325)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_972697A79A4211D9A2560001020EED82.NASL
    description A KDE Security Advisory reports : Sebastian Krahmer of the SUSE LINUX Security Team reported a local denial of service vulnerability in KDE's Desktop Communication Protocol (DCOP) daemon better known as dcopserver. A local user can lock up the dcopserver of arbitrary other users on the same machine. This can cause a significant reduction in desktop functionality for the affected users including, but not limited to, the inability to browse the internet and the inability to start new applications.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 19040
    published 2005-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19040
    title FreeBSD : kdelibs -- local DCOP denial of service vulnerability (972697a7-9a42-11d9-a256-0001020eed82)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SA_2005_022.NASL
    description The remote host is missing the patch for the advisory SUSE-SA:2005:022 (kdelibs3). Several vulnerabilities have been identified and fixed in the KDE desktop environment. - A buffer overflow via specially crafted PCX pictures was fixed. This could lead to a remote attacker being able to execute code as the user opening or viewing a PCX images. This PCX image could have been embedded within a web page or Email. This affects SUSE Linux 9.1 up to 9.3, SUSE Linux Enterprise Server 9 and Novell Linux Desktop 9. - The IDN domain name cloaking problem was fixed. A remote website could disguise its name as another potentially trusted site by using a extension originally meant for non-ASCII domain names by using 'homographs' which look exactly like other letters. The fix used by KDE is only use homographs for trusted domains. It is disabled by default for the .net, .com and .org domains. This issue exists in SUSE Linux 9.1 and 9.2, SUSE Linux Enterprise Server 9 and Novell Linux Desktop 9. It has been assigned the Mitre CVE ID CVE-2005-0233. - A denial of service attack against the DCOP service was fixed. A local user could cause another users KDE session to visible hang by writing bad data to the world-writable DCOP socket. The socket has been made writable only for the user itself. This was found by Sebastian Krahmer of SUSE Security. This affects all SUSE Linux versions, except SUSE Linux 9.3. Updates for SUSE Linux up to 9.0 and SUSE Linux Enterprise Server 8 are not included for this minor issue. They will be included should a later security update for different issues be necessary. This is tracked by the Mitre CVE ID CVE-2005-0396. Additionally following bug was fixed: - A possible race in the DNS resolver causing unresolved hosts in rare cases was fixed. This only affected SUSE Linux 9.3.
    last seen 2019-02-21
    modified 2016-12-27
    plugin id 18014
    published 2005-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18014
    title SUSE-SA:2005:022: kdelibs3
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200503-22.NASL
    description The remote host is affected by the vulnerability described in GLSA-200503-22 (KDE: Local Denial of Service) Sebastian Krahmer discovered that it is possible to stall the dcopserver of other users. Impact : An attacker could exploit this to cause a local Denial of Service by stalling the dcopserver in the authentication process. As a result all desktop functionality relying on DCOP will cease to function. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 17576
    published 2005-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17576
    title GLSA-200503-22 : KDE: Local Denial of Service
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-307.NASL
    description Updated kdelibs packages that fix a local denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment. Sebastian Krahmer discovered a flaw in dcopserver, the KDE Desktop Communication Protocol (DCOP) daemon. A local user could use this flaw to stall the DCOP authentication process, affecting any local desktop users and causing a reduction in their desktop functionality. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0396 to this issue. Users of KDE should upgrade to these erratum packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17995
    published 2005-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17995
    title RHEL 2.1 / 3 : kdelibs (RHSA-2005:307)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-058.NASL
    description A vulnerability in dcopserver was discovered by Sebastian Krahmer of the SUSE security team. A local user can lock up the dcopserver of other users on the same machine by stalling the DCOP authentication process, causing a local Denial of Service. dcopserver is the KDE Desktop Communication Procotol daemon (CVE-2005-0396). As well, the IDN (International Domain Names) support in Konqueror is vulnerable to a phishing technique known as a Homograph attack. This attack is made possible due to IDN allowing a website to use a wide range of international characters that have a strong resemblance to other characters. This can be used to trick users into thinking they are on a different trusted site when they are in fact on a site mocked up to look legitimate using these other characters, known as homographs. This can be used to trick users into providing personal information to a site they think is trusted (CVE-2005-0237). Finally, it was found that the dcopidlng script was vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files of a user when the script is run on behalf of that user. However, this script is only used as part of the build process of KDE itself and may also be used by the build processes of third- party KDE applications (CVE-2005-0365). The updated packages are patched to deal with these issues and Mandrakesoft encourages all users to upgrade immediately.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 17346
    published 2005-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17346
    title Mandrake Linux Security Advisory : kdelibs (MDKSA-2005:058)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-307.NASL
    description Updated kdelibs packages that fix a local denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment. Sebastian Krahmer discovered a flaw in dcopserver, the KDE Desktop Communication Protocol (DCOP) daemon. A local user could use this flaw to stall the DCOP authentication process, affecting any local desktop users and causing a reduction in their desktop functionality. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0396 to this issue. Users of KDE should upgrade to these erratum packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21802
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21802
    title CentOS 3 / 4 : kdelibs (CESA-2005:307)
oval via4
accepted 2013-04-29T04:05:38.666-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
family unix
id oval:org.mitre.oval:def:10432
status accepted
submitted 2010-07-09T03:56:16-04:00
title Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
version 23
redhat via4
advisories
  • rhsa
    id RHSA-2005:307
  • rhsa
    id RHSA-2005:325
refmap via4
bid 12820
bugtraq 20050316 Multiple KDE Security Advisories (2005-03-16)
confirm http://www.kde.org/info/security/advisory-20050316-1.txt
fedora FLSA:178606
gentoo GLSA-200503-22
mandrake MDKSA-2005:058
Last major update 17-10-2016 - 23:11
Published 02-05-2005 - 00:00
Last modified 19-10-2018 - 11:31
Back to Top