English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-36
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 06 Jun 2003
 Last revised           : 11 Jun 2003

 Package : kdelibs

 Summary : Konqueror Embedded SSL vulnerability

 More information :
    Main libraries for the K Desktop Environment.
    KDE's SSL implementation in the affected versions matches certificates
    based on IP number instead of hostname. Due to this it may fail to notice
    a man-in-the-middle attack.

 Impact :
    Users of Konqueror and other SSL enabled KDE software may fall victim
    to a malicious man-in-the-middle attack without noticing. In such case the
    user will be under the impression that there is a secure connection with a
    trusted site while in fact a different site has been connected to.

 Affected Products :
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution :
    Please use turbopkg tool to apply the update.


 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   kdelibs-2.2.2-15.src.rpm
      6023563 f45837e6e69bff7e2f3a145cd175b0a2

   Binary Packages
   Size : MD5

   arts-2.2.2-15.i586.rpm
       822618 5828ec9b401f1b08f3d86b60f2421e36
   arts-devel-2.2.2-15.i586.rpm
        71260 7762933416c444366fa50ae3996f301f
   kdelibs-2.2.2-15.i586.rpm
      7810309 111c8ff48b7f9226df74109c5c7395ba
   kdelibs-devel-2.2.2-15.i586.rpm
      2476287 3b36a0ced2b48421822242bdeeef6b87

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   kdelibs-2.2.2-15.src.rpm
      6023563 890efc75e9ee7b2df9be541a2e815304

   Binary Packages
   Size : MD5

   arts-2.2.2-15.i586.rpm
       822776 312ff357b7c9ec986f3aefa9ad424d5a
   arts-devel-2.2.2-15.i586.rpm
        71364 06c2712cfcab3e873d91e6ea4a9efe9e
   kdelibs-2.2.2-15.i586.rpm
      7811621 dd2dbfc333804b7ce29dcc0fcedb7c21
   kdelibs-devel-2.2.2-15.i586.rpm
      2478673 cdd87786aaeea3fbc336c1ba3d7cfe8e

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   kdelibs-2.2.2-15.src.rpm
      6023563 73444e45262c6b2ac96f45ce796283ca

   Binary Packages
   Size : MD5

   arts-2.2.2-15.i586.rpm
       741336 c1d513970ffd68d49e864a85eb8bdd14
   arts-devel-2.2.2-15.i586.rpm
        70816 bc776612cd0bded3645c0de0d8f9fed3
   kdelibs-2.2.2-15.i586.rpm
      7341074 3890e4248a6ee681a926c06247ac801a
   kdelibs-devel-2.2.2-15.i586.rpm
      2476432 19de24c8a1177a56b4fa16f134f93d66

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   kdelibs-2.2.2-15.src.rpm
      6023563 59c0418654dd0dbaaf5d01585fad1470

   Binary Packages
   Size : MD5

   arts-2.2.2-15.i586.rpm
       741437 ced2e758201633be53aa1a0c2b04d1d9
   arts-devel-2.2.2-15.i586.rpm
        70844 856a3edd151248b587e0b130036ffb9d
   kdelibs-2.2.2-15.i586.rpm
      7343445 f9404692280520c83e995622af77ccd9
   kdelibs-devel-2.2.2-15.i586.rpm
      2477137 3114487484a3c7ec2f0e959382eff0ce


 References :

 KDE Security Advisory
   http://www.kde.org/info/security/advisory-20030602-1.txt


 --------------------------------------------------------------------------
 Revision History
    06 Jun 2003 Initial release
    11 Jun 2003 Modified Advisory number
 --------------------------------------------------------------------------

 Copyright(C) 2003 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+5pacK0LzjOqIJMwRAoFUAJ987M6XMKNlA/FX/8pKh5Nbb9uBMwCfeoPZ
s1t522i9VkilRIUUKBUMONA=
=64Vu
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.