Vulnerability Note VU#700216

KDE KFM creates temporary files insecurely

Original Release date: 30 May 2001 | Last revised: 30 May 2001

Overview

KDE's kfm creates and uses temporary cache directories insecurely.

Description

kfm, the KDE File Manager, creates a cache directory for each user. This directory is placed in /tmp and predictably named, based on the UID. These directories are created without checking for correct ownership or prior existence. Following creation, it will write files to these directories.

Impact

By creating directories, an attacker may be able to cause kfm to hang or crash. By a symlink attack, an attacker may be able to cause corruption of other files modifiable by the user of kfm.

Solution

The CERT/CC is currently unaware of a practical solution to this problem.

As root, create appropriately named cache directories in /tmp and chown them to the appropriate user. This will not be a robust fix.

Systems Affected (Learn More)

No information available. If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Paul Starzetz initially reported this vulnerability.

This document was last modified by Tim Shimeall.

Other Information

  • CVE IDs: Unknown
  • Date Public: 02 May 2001
  • Date First Published: 30 May 2001
  • Date Last Updated: 30 May 2001
  • Severity Metric: 2.02
  • Document Revision: 6

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.