Detections
Analytics

FreeBSD : KWallet-PAM -- Access to privileged files (83a548b5-4fa5-11e8-9a8e-001e2a3f778d)

high Nessus Plugin ID 109593

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The KDE Community reports :

kwallet-pam was doing file writing and permission changing as root that with correct timing and use of carefully crafted symbolic links could allow a non privileged user to become the owner of any file on the system.

Solution

Update the affected package.

See Also

https://www.kde.org/info/security/advisory-20180503-1.txt

http://www.nessus.org/u?b29b16fe

Plugin Details

Severity: High

ID: 109593

File Name: freebsd_pkg_83a548b54fa511e89a8e001e2a3f778d.nasl

Version: 1.2

Type: local

Published: 5/7/2018

Updated: 11/10/2018

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:plasma5-kwallet-pam, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/4/2018

Vulnerability Publication Date: 5/4/2018