Test ID:	1.3.6.1.4.1.25623.1.0.67492
Category:	Fedora Local Security Checks
Title:	Fedora Core 12 FEDORA-2010-8544 (kde-l10n)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kde-l10n announced via advisory FEDORA-2010-8544. Update Information: This update set updates the KDE Software Compilation (KDE SC) to KDE SC 4.4.3, which has a number of improvements: * Numerous fixes in Konsole, KDE's terminal emulator, among them two possible crashers in session management * Flash plugin support in KHTML has been enhanced to work with newest Youtube skins * Case-sensitivity in renaming fixes in KIO, KDE's network-transparent I/O library * Hiding the mouse cursor in some special cases in presentation mode and two possible crashers have been fixed and more bugfixes and translation updates. See http://kde.org/announcements/announce-4.4.3.php for more information. In addition, the security issues CVE-2010-1000 and CVE-2010-1511 (improper sanitization of metalink attribute for downloading files) in KGet have been fixed, and Kppp now prompts for the root password instead of failing with a cryptic error when run as a regular user. This update can be installed with the yum update program. Use su -c 'yum update kde-l10n' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-8544 Risk factor : High CVSS Score: 6.4
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1000 BugTraq ID: 40141 http://www.securityfocus.com/bid/40141 Bugtraq: 20100513 Secunia Research: KDE KGet metalink "name" Directory Traversal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511281/100/0/threaded Bugtraq: 20100514 Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511294/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051692.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058580.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:098 http://secunia.com/secunia_research/2010-69/ http://marc.info/?l=oss-security&m=127378789518426&w=2 http://osvdb.org/64690 http://securitytracker.com/id?1023984 http://secunia.com/advisories/39528 http://secunia.com/advisories/39787 http://secunia.com/advisories/42423 SuSE Security Announcement: SUSE-SR:2010:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://www.ubuntu.com/usn/USN-938-1 http://www.vupen.com/english/advisories/2010/1142 http://www.vupen.com/english/advisories/2010/1144 http://www.vupen.com/english/advisories/2010/3096 http://www.vupen.com/english/advisories/2011/1101 XForce ISS Database: kde-name-directory-traversal(58628) https://exchange.xforce.ibmcloud.com/vulnerabilities/58628 Common Vulnerability Exposure (CVE) ID: CVE-2010-1511 Bugtraq: 20100513 Secunia Research: KDE KGet Insecure File Operation Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511279/100/0/threaded http://secunia.com/secunia_research/2010-70/ http://osvdb.org/64689 XForce ISS Database: kde-metalink-file-overwrite(58629) https://exchange.xforce.ibmcloud.com/vulnerabilities/58629
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.