Incorrect default permissions in KDE Frameworks - CVE-2016-3100
Published: August 19, 2019
Vulnerability identifier: #VU20303
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-3100
CWE-ID: CWE-276
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: KDE.org
Affected software:
KDE Frameworks
KDE Frameworks
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions (e.g. 644) for /tmp/xauth-xxx-_y file that stores.X11 cookie. A local user can view contents of the file, obtain X11 cookies and consequently capture keystrokes of other users.
How to mitigate CVE-2016-3100
Install updates from vendor's website.
Sources
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00001.html
- http://www.kde.com/announcements/kde-frameworks-5.23.0.php
- http://www.securityfocus.com/bid/91769
- https://bugs.kde.org/show_bug.cgi?id=358593
- https://bugs.kde.org/show_bug.cgi?id=363140
- https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=72f3702dbe6cf15c06dc13da2c99c864e9022a58
- https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=dece8fd89979cd1a86c03bcaceef6e9221e8d8cd
- https://www.kde.org/info/security/advisory-20160621-1.txt