Slackware 12.0 : kdebase, kdelibs (SSA:2007-264-01)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New kdebase packages are available for Slackware 12.0 to fix security
issues. A long URL padded with spaces could be used to display a false
URL in Konqueror's addressbar, and KDM when used with no-password
login could be tricked into logging a different user in without a
password. This is not the way KDM is configured in Slackware by
default, somewhat mitigating the impact of this issue.

See also :

http://www.kde.org/info/security/advisory-20070919-1.txt
http://www.nessus.org/u?4208d761

Solution :

Update the affected kdebase and / or kdelibs packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Slackware Local Security Checks

Nessus Plugin ID: 26113 ()

Bugtraq ID:

CVE ID: CVE-2007-3820
CVE-2007-4224
CVE-2007-4225
CVE-2007-4569