Vulnerability
kdesu
Affected
KDE (kdesu; the fixed packages listed below cover both the stand-alone kdesu package of KDE 1.x and the kdesu shipped in KDE 2's kdebase/kdelibs)
Description
The following is based on a Caldera Systems security advisory. KDE 2
ships a program called kdesu that is used to run certain
administration commands under the super-user account (for
instance, every time the KDE Control Center asks you for the root
password, you are actually talking to kdesu).
kdesu hands the password to its helper daemon, kdesud, over a Unix
domain socket in /tmp whose name, /tmp/kdesud_<uid>_<display>, is
predictable. Because /tmp is world-writable, any local user who
creates a socket under that name before kdesud does receives the
password you type at the kdesu prompt instead of kdesud.
Solution
There is no real workaround for this bug, and the following is
_not_ a permanent fix; it is only a stop-gap until you have
installed the update.
As the super user, create directories in /tmp with the same names
as the sockets used by kdesu, so that nobody else can create a
socket there:
mkdir /tmp/kdesud_UID_0
where UID ranges over all user IDs of the users on your system. The
trailing 0 is the X display number, so if you run several X servers
on the machine, repeat the process for display 1, 2, and so on.
Do this as root: /tmp is sticky (mode 1777), so a directory owned
by root cannot be removed or renamed by other users, and a
placeholder that anyone can remove is no protection at all. Confirm
with ls -ld /tmp that the mode really ends in t before relying on
this. The placeholder occupies the name for everyone, kdesud
included, which is one reason it is only a stop-gap.
To protect just your own account, the following will do:
mkdir /tmp/kdesud_`id -u`_0
The directory is then owned by you rather than root, but the sticky
bit on /tmp still keeps other users from removing it.
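The loop over all UIDs and displays that the advisory describes, as an added example that is not part of the original advisory or of KDE: it reads the numeric UIDs from a passwd(5)-format file, creates the placeholder directories, refuses to touch a name that already exists as anything other than a plain directory (a symlink or a socket there may be a live kdesud, or exactly what an attacker would plant, and has to be looked at by hand), and warns when the target directory lacks the sticky bit. The function names, the parameterised tmp directory and passwd file, and the constructed passwd entries in the demo are assumptions made here so that it can be exercised against a scratch directory; for the real workaround run it as root against /tmp and /etc/passwd.

```shell
#!/bin/sh
# Added example, not from the advisory or KDE. Pre-creates the kdesud socket
# paths for every account in a passwd(5)-format file so that no other user can
# bind a socket under those names. The name pattern /tmp/kdesud_<uid>_<display>
# is the one the advisory gives; TMPDIR and PASSWD_FILE are parameters
# (assumption) so the function can be exercised against scratch inputs.

# Usage: kdesu_block_sockets TMPDIR PASSWD_FILE DISPLAY...
# Returns 0 when every placeholder is in place, 1 if any path had to be refused.
kdesu_block_sockets() {
    tmpdir=$1
    passwd=$2
    shift 2
    rc=0

    # Without the sticky bit any user could rmdir the placeholder and put a
    # socket of their own in its place, so the whole exercise would be moot.
    if [ ! -k "$tmpdir" ]; then
        echo "warning: $tmpdir lacks the sticky bit; placeholders can be removed by anyone" >&2
    fi

    # Field 3 of passwd(5) is the numeric uid; de-duplicate shared uids.
    for uid in $(cut -d: -f3 "$passwd" | sort -n -u); do
        for disp in "$@"; do
            kdesu_placeholder "$tmpdir/kdesud_${uid}_${disp}" || rc=1
        done
    done
    return $rc
}

# Create one placeholder. Refuses (returns 1) if the name is already taken by
# anything that is not a plain directory. The symlink test comes first because
# -d follows symlinks and would happily accept a link into another directory.
kdesu_placeholder() {
    path=$1
    if [ -L "$path" ]; then
        echo "refusing: $path is a symlink" >&2
        return 1
    elif [ -d "$path" ]; then
        return 0            # already blocked, nothing to do
    elif [ -e "$path" ]; then
        echo "refusing: $path exists and is not a directory" >&2
        return 1
    fi
    # mode 700: nobody else has any business inside the placeholder
    mkdir "$path" && chmod 700 "$path"
}

# Stand-alone demo against a scratch directory and a constructed passwd file
# (constructed sample entries, not real accounts). For the real workaround,
# run as root:  kdesu_block_sockets /tmp /etc/passwd 0
kdesu_demo() {
    scratch=$(mktemp -d)
    chmod 1777 "$scratch"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/sh' \
        'alice:x:1000:1000::/home/alice:/bin/sh' \
        'bob:x:1001:1001::/home/bob:/bin/sh' > "$scratch/passwd"
    kdesu_block_sockets "$scratch" "$scratch/passwd" 0 1
    ls -ld "$scratch"/kdesud_*
    rm -rf "$scratch"
}

if [ "${1:-}" = demo ]; then
    kdesu_demo
fi
```

Running the script with the argument demo exercises it against a scratch directory; pass every display number your X servers use, since each display has its own socket name. A refused path is worth investigating rather than clobbering: before the update is installed, a socket that is already sitting under that name is either your own kdesud or somebody else's listener.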
The proper solution is to upgrade to the fixed packages.
For Caldera eDesktop 2.4, the paths below are relative to:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS/
SRPMS/kdebase2-2.0-6.src.rpm
RPMS/kdebase2-2.0-6.i386.rpm
RPMS/kdebase2-opengl-2.0-6.i386.rpm
SRPMS/kdelibs2-2.0-6.src.rpm
RPMS/kdelibs2-2.0-6.i386.rpm
RPMS/kdelibs2-devel-2.0-6.i386.rpm
RPMS/kdelibs2-devel-static-2.0-6.i386.rpm
RPMS/kdelibs2-doc-2.0-6.i386.rpm
For SuSE:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/kpa1/kdesu-0.98-187.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.1/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/kpa1/kdesu-0.98-187.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/kpa1/kdesu-0.98-187.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/kpa1/kdesu-0.98-187.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/kpa1/kdesu-0.98-187.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.1/kpa1/kdesu-0.98-187.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.1/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/kpa1/kdesu-0.98-187.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/kpa1/kdesu-0.98-187.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/kpa1/kdesu-0.98-187.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/kpa1/kdesu-0.98-187.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/kdesu-0.98-187.src.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/kpa1/kdesu-0.98-187.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/kpa1/kdesu.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/kdesu-0.98-187.src.rpm
For Conectiva Linux:
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/kdelibs-2.01-6cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/kdebase-2.01-4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/kdebase-2.01-4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/kdebase-devel-2.01-4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/kdelibs-2.01-6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/kdelibs-devel-2.01-6cl.i386.rpm
For Linux-Mandrake (paths relative to the Mandrake updates tree):
Linux-Mandrake 6.1:
  6.1/RPMS/kdesu-0.97-1.1mdk.i586.rpm
  6.1/SRPMS/kdesu-0.97-1.1mdk.src.rpm
Linux-Mandrake 7.0:
  7.0/RPMS/kcmkdesu-0.98-14.1mdk.i586.rpm
  7.0/RPMS/kdesu-0.98-14.1mdk.i586.rpm
  7.0/SRPMS/kdesu-0.98-14.1mdk.src.rpm
Linux-Mandrake 7.1:
  7.1/RPMS/kcmkdesu-0.98-14.1mdk.i586.rpm
  7.1/RPMS/kdesu-0.98-14.1mdk.i586.rpm
  7.1/SRPMS/kdesu-0.98-14.1mdk.src.rpm
Linux-Mandrake 7.2:
  7.2/RPMS/kdebase-2.0.1-1mdk.i586.rpm
  7.2/RPMS/kdebase-devel-2.0.1-1mdk.i586.rpm
  7.2/RPMS/kdelibs-2.0.1-2mdk.i586.rpm
  7.2/RPMS/kdelibs-devel-2.0.1-2mdk.i586.rpm
  7.2/SRPMS/kdebase-2.0.1-1mdk.src.rpm
  7.2/SRPMS/kdelibs-2.0.1-2mdk.src.rpm
Corporate Server 1.0.1:
  1.0.1/RPMS/kcmkdesu-0.98-14.1mdk.i586.rpm
  1.0.1/RPMS/kdesu-0.98-14.1mdk.i586.rpm
  1.0.1/SRPMS/kdesu-0.98-14.1mdk.src.rpm