Date: Fri, 26 May 2000 17:46:49 -0600
From: Technical Support <support@calderasystems.com>
To: announce@lists.calderasystems.com
Subject: Security Update: buffer overflow in kdm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera Systems, Inc. Security Advisory
Subject: buffer overflow in kdm
Advisory number: CSSA-2000-013.0
Issue date: 2000 May, 24
Cross reference:
______________________________________________________________________________
1. Problem Description
There is a buffer overflow in kdm, the KDE graphical login manager.
Since the buffer variable that is affected is NOT on the stack
but in the data area, it is not clear whether this bug can be
exploited.
Nevertheless we urge our customers to protect themselves against
this bug, either by applying the workaround described below or
by installing the fixed packages.
2. Vulnerable Versions
System                           Package
-----------------------------------------------------------
OpenLinux Desktop 2.3            All packages previous to
                                 kdebase-1.1.2-6OL
OpenLinux eServer 2.3            All packages previous to
and OpenLinux eBuilder           kdebase-1.1.2-6OL
OpenLinux eDesktop 2.4           All packages previous to
                                 kdebase-1.1.2-16D
3. Solution
Workaround:
Edit /etc/X11/kdm/Xresources, and add the following line at the
end of the file:
DisplayManager.requestPort: 0
Note that you will have to restart kdm for this change to take
effect. You can achieve this by logging out from your KDE
session and pressing the Control, Alt, and Backspace (not Delete!)
keys at the same time. This will kill the X server and restart
it immediately with the new settings.
The proper solution is to upgrade to the fixed packages.
4. OpenLinux Desktop 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
5deecb95fecafeab35223638b04cc5a1 RPMS/kdebase-1.1.2-6OL.i386.rpm
8233c21726505afc1aebd0f66ed1b54b RPMS/kdebase-opengl-1.1.2-6OL.i386.rpm
25c62ba1e6e93a183f85c47f16f94962 SRPMS/kdebase-1.1.2-6OL.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -F kdebase-1.1.2-6OL.i386.rpm
rpm -F kdebase-opengl-1.1.2-6OL.i386.rpm
5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
8cce6998045c3958469f5b4e43b1f60d RPMS/kdebase-1.1.2-6OL.i386.rpm
b04fb7c9c8de0a902ae6394da9aac72b RPMS/kdebase-opengl-1.1.2-6OL.i386.rpm
25c62ba1e6e93a183f85c47f16f94962 SRPMS/kdebase-1.1.2-6OL.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -F kdebase-1.1.2-6OL.i386.rpm
rpm -F kdebase-opengl-1.1.2-6OL.i386.rpm
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
9f237a9b6dc14bc1fb5f7a956590604d RPMS/kdebase-1.1.2-16D.i386.rpm
2f0b6be404688f3417b640e793317963 RPMS/kdebase-opengl-1.1.2-16D.i386.rpm
ab0e5825b0a29c565fdfe872e22693d1 SRPMS/kdebase-1.1.2-16D.src.rpm
6.3 Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -F kdebase-1.1.2-16D.i386.rpm
rpm -F kdebase-opengl-1.1.2-16D.i386.rpm
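The verification and installation steps above (sections 4.2 to 6.3) are meant to be run in order: compare each downloaded package against the published MD5 sum, and only then hand it to rpm -F. The following POSIX shell script is an added example, not part of the Caldera advisory; it assumes GNU md5sum(1) and that the packages were fetched into RPMS/ and SRPMS/ under the current directory, as laid out on the FTP site. The eDesktop 2.4 sums are copied from section 6.2.

```shell
#!/bin/sh
# Added example, not part of the Caldera advisory: check downloaded update
# packages against the MD5 sums published in the advisory before rpm -F.
# Assumes GNU md5sum(1) and that the files were fetched into RPMS/ and
# SRPMS/ under the current directory, as they are laid out on the FTP site.

# MD5 sums for OpenLinux eDesktop 2.4, copied from section 6.2 of the advisory.
ADVISORY_SUMS='9f237a9b6dc14bc1fb5f7a956590604d RPMS/kdebase-1.1.2-16D.i386.rpm
2f0b6be404688f3417b640e793317963 RPMS/kdebase-opengl-1.1.2-16D.i386.rpm
ab0e5825b0a29c565fdfe872e22693d1 SRPMS/kdebase-1.1.2-16D.src.rpm'

# verify_sum EXPECTED_MD5 FILE
# Exit status 0 on match, 1 on mismatch, 2 when FILE is missing.
verify_sum() {
    expected=$1
    file=$2
    if [ ! -f "$file" ]; then
        echo "MISSING  $file"
        return 2
    fi
    actual=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "MISMATCH $file (expected $expected, got $actual)"
        return 1
    fi
    echo "OK       $file"
    return 0
}

# verify_all SUMS_TEXT
# SUMS_TEXT holds one "md5 path" pair per line. Every line is checked;
# the exit status is the number of files that were missing or mismatched,
# so 0 means every listed package is safe to hand to rpm -F.
verify_all() {
    failures=0
    while read -r sum path; do
        [ -n "$sum" ] || continue            # skip blank lines
        verify_sum "$sum" "$path" || failures=$((failures + 1))
    done <<EOF
$1
EOF
    return "$failures"
}

# Run the check only when invoked as: sh verify-kdebase.sh check
if [ "${1:-}" = "check" ]; then
    verify_all "$ADVISORY_SUMS"
fi
```

Run it from the directory that holds RPMS/ and SRPMS/; a non-zero exit status means at least one package must be re-downloaded rather than installed.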
7. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
This security fix closes Caldera's internal Problem Report 6762.
8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any of the
information we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended to
promote secure installation and use of Caldera OpenLinux.
9. Acknowledgements
Caldera Systems, Inc. thanks Chris Evans for discovering and reporting
this vulnerability.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5K82K18sy83A/qfwRAkLAAJ0XOEpu7uQDaGI17i3FfKOMeG1bgQCgnKyh
FAx1lJnWzTwcua5bo/nnsXk=
=zsxy
-----END PGP SIGNATURE-----