-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: Linux: KDE rlogin.protocol and telnet.protocol url kio Vulnerability Advisory number: CSSA-2003-012.0 Issue date: 2003 March 14 Cross reference: ______________________________________________________________________________ 1. Problem Description From the KDE.org 20021111-1 advisory: The implementation of the rlogin protocol in all of the affected systems, and the implementation of the telnet protocol in affected KDE 2 systems, allows a carefully crafted url in an html page, html email or other kio-enabled application to execute arbitrary commands on the system using the victim's account on the vulnerable machine. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to kdelibs2-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-static-2.2.1-6.3.i386.rpm prior to kdelibs2-doc-2.2.1-6.3.i386.rpm OpenLinux 3.1.1 Workstation prior to kdelibs2-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-static-2.2.1-6.3.i386.rpm prior to kdelibs2-doc-2.2.1-6.3.i386.rpm OpenLinux 3.1 Server prior to kdelibs2-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-static-2.2.1-6.3.i386.rpm prior to kdelibs2-doc-2.2.1-6.3.i386.rpm OpenLinux 3.1 Workstation prior to kdelibs2-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-2.2.1-6.3.i386.rpm prior to kdelibs2-devel-static-2.2.1-6.3.i386.rpm prior to kdelibs2-doc-2.2.1-6.3.i386.rpm 3. Solution The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. 4. OpenLinux 3.1.1 Server 4.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-012.0/RPMS 4.2 Packages 8129d823e229783c726199a844318eee kdelibs2-2.2.1-6.3.i386.rpm e631a15683fe15eb297a06e51287bfdd kdelibs2-devel-2.2.1-6.3.i386.rpm 76c004779dde39b01b8576ff96c6b137 kdelibs2-devel-static-2.2.1-6.3.i386.rpm 18e3123ff2f9123c7617ade65748f57f kdelibs2-doc-2.2.1-6.3.i386.rpm 4.3 Installation rpm -Fvh kdelibs2-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-static-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-doc-2.2.1-6.3.i386.rpm 4.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-012.0/SRPMS 4.5 Source Packages 9b04bfe2743d6a4ccf5a8ca50f719189 kdelibs2-2.2.1-6.3.src.rpm 5. OpenLinux 3.1.1 Workstation 5.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-012.0/RPMS 5.2 Packages 26afc4798aca1790d98e81535a883d0d kdelibs2-2.2.1-6.3.i386.rpm a96af03f963bfd9a7611746054eeb5a4 kdelibs2-devel-2.2.1-6.3.i386.rpm 8b10782ead46deae8dc51e34851f2118 kdelibs2-devel-static-2.2.1-6.3.i386.rpm 61818a0d965eaa44142f9461bb0a580f kdelibs2-doc-2.2.1-6.3.i386.rpm 5.3 Installation rpm -Fvh kdelibs2-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-static-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-doc-2.2.1-6.3.i386.rpm 5.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-012.0/SRPMS 5.5 Source Packages e8a17de26c5fcfd5b44c2aab0e7e1e42 kdelibs2-2.2.1-6.3.src.rpm 6. OpenLinux 3.1 Server 6.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-012.0/RPMS 6.2 Packages c2bf490ca7443c62c45a0dce907f9943 kdelibs2-2.2.1-6.3.i386.rpm 0e43fb5811697dbd3d25084b31481b00 kdelibs2-devel-2.2.1-6.3.i386.rpm dd14c0db0ec3b7125bafe4e530e90a4a kdelibs2-devel-static-2.2.1-6.3.i386.rpm 60b6d0eccef454ecdc238a31a6688a1a kdelibs2-doc-2.2.1-6.3.i386.rpm 6.3 Installation rpm -Fvh kdelibs2-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-static-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-doc-2.2.1-6.3.i386.rpm 6.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-012.0/SRPMS 6.5 Source Packages 43823df287464c1c186607df1cb603db kdelibs2-2.2.1-6.3.src.rpm 7. OpenLinux 3.1 Workstation 7.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-012.0/RPMS 7.2 Packages b5e6c49e354b1bf4483fd29f0ecf7a9e kdelibs2-2.2.1-6.3.i386.rpm 9c9a8af55257d002e0edbaab4f3ebf67 kdelibs2-devel-2.2.1-6.3.i386.rpm be537a8de06e5754e56e1e27ea73ff8f kdelibs2-devel-static-2.2.1-6.3.i386.rpm 8b4ff42cd09a6278c8275628e68b31b9 kdelibs2-doc-2.2.1-6.3.i386.rpm 7.3 Installation rpm -Fvh kdelibs2-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-devel-static-2.2.1-6.3.i386.rpm rpm -Fvh kdelibs2-doc-2.2.1-6.3.i386.rpm 7.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-012.0/SRPMS 7.5 Source Packages 928a9ef51baae6b352b343df75e86cb9 kdelibs2-2.2.1-6.3.src.rpm 8. References Specific references for this advisory: http://www.kde.org/info/security/advisory-20021111-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1282 SCO security resources: http://www.sco.com/support/security/index.html This security fix closes SCO incidents sr872190, fz526739, erg712167. 9. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 10. Acknowledgements KDE.org discovered and researched this vulnerability. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj5yYzMACgkQbluZssSXDTEdMwCgnYYTjWnFeZEwq2hF32HlY9Mv ecMAoKFSSTxBcgU9kvtfERAGPrMVH4kw =7W96 -----END PGP SIGNATURE-----