______________________________________________________________________________

                        Caldera Systems, Inc. Security Advisory

Subject:                buffer overflow in kdm
Advisory number:        CSSA-2000-013.0
Issue date:             2000 May, 24
Cross reference:
______________________________________________________________________________


1. Problem Description

   There is a buffer overflow in kdm, the KDE graphical login manager.
   Since the affected buffer variable is NOT on the stack but in the data
   area, it is not clear whether this bug can be exploited. Nevertheless
   we urge our customers to protect themselves against this bug, either by
   applying the workaround described below or by installing the fixed
   packages.


2. Vulnerable Versions

   System                        Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3         All packages previous to
                                 kdebase-1.1.2-6OL

   OpenLinux eServer 2.3         All packages previous to
   and OpenLinux eBuilder        kdebase-1.1.2-6OL

   OpenLinux eDesktop 2.4        All packages previous to
                                 kdebase-1.1.2-16D


3. Solution

   Workaround:

   Edit /etc/X11/kdm/Xresources, and add the following line at the end of
   the file:

      DisplayManager.requestPort: 0

   Note that you will have to restart kdm for this change to take effect.
   You can achieve this by logging out from your KDE session and pressing
   the Control, Alt, and Backspace (not Delete!) keys at the same time.
   This will kill the X server and restart it immediately with the new
   settings.

   The proper solution is to upgrade to the fixed packages.


4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

      5deecb95fecafeab35223638b04cc5a1  RPMS/kdebase-1.1.2-6OL.i386.rpm
      8233c21726505afc1aebd0f66ed1b54b  RPMS/kdebase-opengl-1.1.2-6OL.i386.rpm
      25c62ba1e6e93a183f85c47f16f94962  SRPMS/kdebase-1.1.2-6OL.src.rpm

   4.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F kdebase-1.1.2-6OL.i386.rpm
      rpm -F kdebase-opengl-1.1.2-6OL.i386.rpm


5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

      8cce6998045c3958469f5b4e43b1f60d  RPMS/kdebase-1.1.2-6OL.i386.rpm
      b04fb7c9c8de0a902ae6394da9aac72b  RPMS/kdebase-opengl-1.1.2-6OL.i386.rpm
      25c62ba1e6e93a183f85c47f16f94962  SRPMS/kdebase-1.1.2-6OL.src.rpm

   5.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F kdebase-1.1.2-6OL.i386.rpm
      rpm -F kdebase-opengl-1.1.2-6OL.i386.rpm


6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

      9f237a9b6dc14bc1fb5f7a956590604d  RPMS/kdebase-1.1.2-16D.i386.rpm
      2f0b6be404688f3417b640e793317963  RPMS/kdebase-opengl-1.1.2-16D.i386.rpm
      ab0e5825b0a29c565fdfe872e22693d1  SRPMS/kdebase-1.1.2-16D.src.rpm

   6.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F kdebase-1.1.2-16D.i386.rpm
      rpm -F kdebase-opengl-1.1.2-16D.i386.rpm


7. References

   This and other Caldera security resources are located at:

      http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 6762.


8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.


9. Acknowledgements

   Caldera Systems, Inc. thanks Chris Evans for discovering and reporting
   this vulnerability.

______________________________________________________________________________
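The workaround in section 3 and the verify-then-upgrade steps in sections 4 to 6 can be scripted so that the Xresources edit is applied only once and `rpm -F` never runs on a package whose MD5 does not match the advisory. This is an added example, not Caldera's own tooling; it assumes a POSIX sh with md5sum, and that it runs in the directory holding the downloaded RPMS/ and SRPMS/ subdirectories, with the advisory's Verification lines saved to a checksum file.

```shell
#!/bin/sh
# Added example (not part of the advisory). Assumes POSIX sh and coreutils.

# Append "DisplayManager.requestPort: 0" to an Xresources file unless a
# requestPort line is already present, so repeated runs do not stack
# duplicate (possibly conflicting) settings. Returns 1 if the file is missing.
apply_kdm_workaround() {
    xres="$1"
    [ -f "$xres" ] || return 1
    if grep -q '^[[:space:]]*DisplayManager\.requestPort:' "$xres"; then
        return 0
    fi
    printf 'DisplayManager.requestPort: 0\n' >> "$xres"
}

# Check that the file carries the workaround with the value 0 (kdm must still
# be restarted for it to take effect, as the advisory notes).
kdm_workaround_active() {
    grep -q '^[[:space:]]*DisplayManager\.requestPort:[[:space:]]*0[[:space:]]*$' "$1"
}

# Compare every "<md5> <path>" line of the checksum file against the file on
# disk. Returns 1 if any listed package is missing or mismatched.
verify_packages() {
    sums="$1"
    bad=0
    while read -r expected path; do
        [ -n "$expected" ] || continue
        if [ ! -f "$path" ]; then
            echo "MISSING: $path" >&2
            bad=1
            continue
        fi
        actual=$(md5sum "$path" | cut -d' ' -f1)
        if [ "$actual" != "$expected" ]; then
            echo "MISMATCH: $path (got $actual, expected $expected)" >&2
            bad=1
        fi
    done < "$sums"
    return "$bad"
}

# Gate the upgrade on verification: only freshen the packages (rpm -F, as in
# section 4.3) when every checksum in the list matched.
upgrade_if_verified() {
    verify_packages "$1" || { echo "refusing to upgrade: checksum failure" >&2; return 1; }
    shift
    rpm -F "$@"
}
```

Run as `verify_packages kdebase.md5` first, then `upgrade_if_verified kdebase.md5 RPMS/kdebase-1.1.2-6OL.i386.rpm RPMS/kdebase-opengl-1.1.2-6OL.i386.rpm` (adjust the package names to the release you are on).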