kdesu is a interactive interface to the substitute user (su) command for the KDE environment. To pass authentication information, it creates a file that may be read by unauthorized users.
kdesu communicates with su using a socket, implemented as a file in /tmp with a predictable name. In this file is placed authenticating information for the effective user that the kdesu user wishes to become (often root).
By using a symbolic link attack, an attacker may be able to capture usernames and passwords.
Apply vendor patches; see the Systems Affected section below.
Creating files in /tmp with appropriate names may block the symbolic link attack, but it may also prevent kdesu from operating properly. It will not be a robust fix.
Initial information on this vulnerability came from a statement by Caldera Systems.
This document was last modified by Tim Shimeall.
|Date First Published:||2001-05-17|
|Date Last Updated:||2001-08-01 18:28 UTC|