CVE-2002-1247
https://notcve.org/view.php?id=CVE-2002-1247
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. Desbordamiento de búfer en resLISa en KDE 2.1 A 3.0.4 y LISa anteriores a 0.2.2 permite a usuarios locales obtener acceso a raw sockets mediante una variable de entorno LOGNAME larga. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0068.html http://marc.info/?l=bugtraq&m=103704823501757&w=2 http://marc.info/?l=bugtraq&m=103712329102632&w=2 http://marc.info/?l=bugtraq&m=103728981029342&w=2 http://www.ciac.org/ciac/bulletins/n-020.shtml http://www.debian.org/security/2002/dsa-193 http://www.idefense.com/advisory/11.11.02.txt http://www.iss.net/security_center/static/10592.php http://www.mandriva.com/security/advisories?name=MDKSA •
CVE-2002-1223
https://notcve.org/view.php?id=CVE-2002-1223
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. Desbordamiento de búfer en el procesador (parser) DSC 3.0 de GSView usado en KGhostView en KDE 1.1 y KDE 3.0.3a, puede permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario mediante un fichero de entrada PostScript (.ps) modificado. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0163.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 http://www.ciac.org/ciac/bulletins/n-155.shtml http://www.iss.net/security_center/static/11319.php http://www.kde.org/info/security/advisory-20021008-1.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-220.html •
CVE-2000-0393 – KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable
https://notcve.org/view.php?id=CVE-2000-0393
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. • https://www.exploit-db.com/exploits/19915 http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html http://www.novell.com/linux/security/advisories/suse_security_announce_50.html http://www.securityfocus.com/bid/1206 •