CVE-2005-2494

Published Sep 6, 2005

Last updated 6 hours ago

CVSS info 7.2

Overview

Description: kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
Source: secalert@redhat.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:kde:kde:3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73B53A48-E222-46D9-B84C-AC26DF6AB400"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6AB7C9F-48E2-4ACD-80CB-9559DE4C2BAB"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D600E27F-A1D6-42C7-8ED1-FD508F5B3AB1"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7036AE90-C7E0-48CE-805D-3F1E04852675"
          },
          {
            "criteria": "cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D49AE92-BA00-4A8E-BBFE-1BE994CFA3CF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References