ID CVE-2002-1281
Summary Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.
References
Vulnerable Configurations
  • cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:kde:kde:3.0.4:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2016 - 02:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2002:220
refmap via4
bid 6182
bugtraq
  • 20021112 KDE Security Advisory: rlogin.protocol and telnet.protocol URL KIO Vulnerability
  • 20021114 GLSA: kdelibs
caldera CSSA-2003-012.0
confirm http://www.kde.org/info/security/advisory-20021111-1.txt
debian DSA-204
mandrake MDKSA-2002:079
secunia 8298
xf kde-rlogin-command-execution(10602)
Last major update 18-10-2016 - 02:25
Published 29-11-2002 - 05:00
Last modified 18-10-2016 - 02:25
Back to Top