USN-176-1: kcheckpass vulnerability

7 September 2005

kdebase vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04

Software Description

Details

Ilja van Sprundel discovered a flaw in the lock file handling of kcheckpass. A local attacker could exploit this to execute arbitrary code with root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
kdebase-bin

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References