search menu icon-carat-right cmu-wordmark

CERT Coordination Center


KDE KFM creates temporary files insecurely

Vulnerability Note VU#700216

Original Release Date: 2001-05-30 | Last Revised: 2001-05-30

Overview

KDE's kfm creates and uses temporary cache directories insecurely.

Description

kfm, the KDE File Manager, creates a cache directory for each user. This directory is placed in /tmp and predictably named, based on the UID. These directories are created without checking for correct ownership or prior existence. Following creation, it will write files to these directories.

Impact

By creating directories, an attacker may be able to cause kfm to hang or crash. By a symlink attack, an attacker may be able to cause corruption of other files modifiable by the user of kfm.

Solution

The CERT/CC is currently unaware of a practical solution to this problem.

As root, create appropriately named cache directories in /tmp and chown them to the appropriate user. This will not be a robust fix.

Vendor Information

No information available at this time.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

Paul Starzetz initially reported this vulnerability.

This document was last modified by Tim Shimeall.

Other Information

CVE IDs: None
Severity Metric: 2.03
Date Public: 2001-05-02
Date First Published: 2001-05-30
Date Last Updated: 2001-05-30 14:37 UTC
Document Revision: 6

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.