Test ID:	1.3.6.1.4.1.25623.1.0.54375
Category:	Fedora Local Security Checks
Title:	Fedora Core 3 FEDORA-2005-594 (kdelibs)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kdelibs announced via advisory FEDORA-2005-594. Libraries for the K Desktop Environment. KDE Libraries include: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). Update Information: A flaw was discovered affecting Kate, the KDE advanced text editor, and Kwrite. Depending on system settings it may be possible for a local user to read the backup files created by Kate or Kwrite. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1920 to this issue. Users of Kate or Kwrite should update to this erratum package which contains a backported patch from the KDE security team correcting this issue. * Tue Jul 12 2005 Than Ngo 6:3.3.1-2.14.FC3 - Kate backup file permission leak, apply patch to fix this vulnerabilities CVE-2005-1920 - apply cvs patch to get rid of warning Mutex destroy failure, #160922 * Wed May 4 2005 Than Ngo 6:3.3.1-2.13.FC3 - new patch to fix kimgio input validation vulnerabilities, CVE-2005-1046 Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2005-594 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1920 1014512 http://securitytracker.com/id?1014512 14297 http://www.securityfocus.com/bid/14297 16099 http://secunia.com/advisories/16099 20050718 [KDE Security Advisory]: Kate backup file permission leak http://marc.info/?l=bugtraq&m=112171434023679&w=2 23099 http://secunia.com/advisories/23099 DSA-804 http://www.debian.org/security/2005/dsa-804 FLSA:178606 http://www.securityfocus.com/archive/1/427976/100/0/threaded GLSA-200611-21 http://security.gentoo.org/glsa/glsa-200611-21.xml RHSA-2005:612 http://www.redhat.com/support/errata/RHSA-2005-612.html SUSE-SR:2005:018 http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.kde.org/info/security/advisory-20050718-1.txt oval:org.mitre.oval:def:9434 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434 Common Vulnerability Exposure (CVE) ID: CVE-2005-1046 BugTraq ID: 13096 http://www.securityfocus.com/bid/13096 Debian Security Information: DSA-714 (Google Search) http://www.debian.org/security/2005/dsa-714 http://bugs.kde.org/show_bug.cgi?id=102328 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802 http://www.redhat.com/support/errata/RHSA-2005-393.html http://secunia.com/advisories/14908 http://secunia.com/advisories/28114 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 SuSE Security Announcement: SUSE-SA:2005:022 (Google Search) http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html http://www.vupen.com/english/advisories/2005/0331 http://www.vupen.com/english/advisories/2007/4241
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.