From security@caldera.com Fri Nov 15 21:11:23 2002
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com, security-alerts@linuxsecurity.com, full-disclosure@lists.netsys.com
Date: Fri, 15 Nov 2002 16:37:45 -0800
Reply-To: please_reply_to_security@caldera.com
Subject: [Full-Disclosure] Security Update: [CSSA-2002-047.0] Linux: KDE SSL and XSS vulnerabilities

______________________________________________________________________________

                        SCO Security Advisory

Subject:                Linux: KDE SSL and XSS vulnerabilities
Advisory number:        CSSA-2002-047.0
Issue date:             2002 November 15
Cross reference:
______________________________________________________________________________


1. Problem Description

        Konqueror's cross site scripting (XSS) protection fails to
        initialize the domains on sub-(i)frames correctly. As a result,
        JavaScript can access any foreign subframe which is defined in
        the HTML source.

        KDE's SSL implementation fails to check the basic constraints on
        certificates and as a result may accept certificates as valid
        that were signed by an issuer who was not authorized to do so.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to kdelibs2-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-doc-2.2.1-6.1.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to kdelibs2-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-doc-2.2.1-6.1.i386.rpm

        OpenLinux 3.1 Server            prior to kdelibs2-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-doc-2.2.1-6.1.i386.rpm

        OpenLinux 3.1 Workstation       prior to kdelibs2-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                        prior to kdelibs2-doc-2.2.1-6.1.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-047.0/RPMS

        4.2 Packages

        a03fb8e34fde83b1a4f83124c2e4b041        kdelibs2-2.2.1-6.1.i386.rpm
        6c4fc3be168073d33b7f62603b03e1a0        kdelibs2-devel-2.2.1-6.1.i386.rpm
        0d16a2303715af4e5cee545a3f5fa5e4        kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        f8a1574f0b3d97c0272d935f0140ec3a        kdelibs2-doc-2.2.1-6.1.i386.rpm

        4.3 Installation

        rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-047.0/SRPMS

        4.5 Source Packages

        2632e383fd006e4307b8d46b2755bfe1        kdelibs2-2.2.1-6.1.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-047.0/RPMS

        5.2 Packages

        510eeadb0430c083de57d6901e3b7ff4        kdelibs2-2.2.1-6.1.i386.rpm
        37f6a6eafc2d62edac6e753effafaf69        kdelibs2-devel-2.2.1-6.1.i386.rpm
        c870729596c35e570a1a376879694051        kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        ab5617edf321f2c97a297b59eb2353d5        kdelibs2-doc-2.2.1-6.1.i386.rpm

        5.3 Installation

        rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-047.0/SRPMS

        5.5 Source Packages

        23ef26f4c6d6f5a8110ad14ab35d97f3        kdelibs2-2.2.1-6.1.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-047.0/RPMS

        6.2 Packages

        f89476e89a490a817f9b9cb1d9f0d45e        kdelibs2-2.2.1-6.1.i386.rpm
        5e9b87afe1f433695900cf472b72b8ff        kdelibs2-devel-2.2.1-6.1.i386.rpm
        639d81f339d580246b47192dee39f323        kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        46bd0251cae1f20a1e9cf2968ec6b28b        kdelibs2-doc-2.2.1-6.1.i386.rpm

        6.3 Installation

        rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

        6.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-047.0/SRPMS

        6.5 Source Packages

        b8db0bed5301c62f0c23a7299764daac        kdelibs2-2.2.1-6.1.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-047.0/RPMS

        7.2 Packages

        c644ccee63d98f51c3c75153dac8f72b        kdelibs2-2.2.1-6.1.i386.rpm
        a9a6672a59132b7da2276fc84af4239e        kdelibs2-devel-2.2.1-6.1.i386.rpm
        ab1314c35f6a696f8ffc242f47c132a8        kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        97bda2eff3c2ed28d69c89f0f9e71e5d        kdelibs2-doc-2.2.1-6.1.i386.rpm

        7.3 Installation

        rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
        rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

        7.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-047.0/SRPMS

        7.5 Source Packages

        81ffd01431cb6b64f110790a515f6cee        kdelibs2-2.2.1-6.1.src.rpm


8. References

        Specific references for this advisory:

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0970
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1151
        http://www.kde.org/info/security/advisory-20020908-2.txt
        http://www.kde.org/info/security/advisory-20020818-1.txt

        SCO security resources:

        http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr868329, fz525911,
        fz525926, erg712110, erg712107, erg712111, sr869190, fz526085,
        erg712129.


9. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security advisories.
        Our advisories are a service to our customers intended to promote
        secure installation and use of SCO products.

______________________________________________________________________________
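The second issue in section 1 (an issuer accepted without checking its basic constraints) is easiest to see as chain-walking logic. The following is an added, simplified model written for this page; it is not KDE's SSL code and not a real X.509 parser. Certificates are plain records with hypothetical names, and signature verification is stood in for by an issuer-name lookup so that only the basicConstraints logic is visible. With `enforce_basic_constraints=False` it behaves like the flawed implementation the advisory describes: any certificate whose subject matches the issuer field is accepted as a signer, so a leaf certificate can act as a CA. With the default `True` (the fix), an issuer must carry CA:TRUE and its pathLenConstraint must allow the number of intermediates beneath it.

```python
"""Simplified model of the basicConstraints check missing from KDE's SSL
code per CSSA-2002-047.0. Added example with constructed data; not KDE code.
Signature verification is modelled by an issuer-name match only."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    is_ca: bool                    # basicConstraints CA flag
    pathlen: Optional[int] = None  # basicConstraints pathLenConstraint; None = unlimited


def validate_chain(chain: List[Cert], trusted_roots: Dict[str, Cert],
                   enforce_basic_constraints: bool = True) -> Tuple[bool, str]:
    """Walk from the leaf (chain[0]) up to a trusted root.

    Returns (accepted, reason). chain[i] must be signed by chain[i+1]; the
    last element must be signed by a root in trusted_roots. Certificates in
    chain[1:] are intermediates, which is what pathLenConstraint counts.
    """
    if not chain:
        return False, "empty chain"
    for i, cert in enumerate(chain):
        if i + 1 < len(chain):
            issuer = chain[i + 1]
        else:
            issuer = trusted_roots.get(cert.issuer)
            if issuer is None:
                return False, f"{cert.subject}: issuer {cert.issuer!r} is not a trusted root"
        # Stand-in for signature verification: the issuer's name must match.
        if issuer.subject != cert.issuer:
            return False, f"{cert.subject}: issuer name mismatch"
        if enforce_basic_constraints:
            # The fix: only a certificate marked CA:TRUE may sign others.
            if not issuer.is_ca:
                return False, (f"{issuer.subject} signed {cert.subject} but is not a CA "
                               f"(basicConstraints CA:FALSE)")
            # Intermediates below this issuer are chain[1..i], i.e. i of them.
            below = i
            if issuer.pathlen is not None and below > issuer.pathlen:
                return False, (f"{issuer.subject}: pathLenConstraint={issuer.pathlen} "
                               f"exceeded ({below} intermediates below)")
    return True, f"chain ends at trusted root {chain[-1].issuer!r}"


# Constructed, hypothetical PKI used for the demonstration.
ROOT_CA = Cert("Example Root CA", "Example Root CA", is_ca=True)
ISSUING_CA = Cert("Example Issuing CA", "Example Root CA", is_ca=True, pathlen=0)
SUB_CA = Cert("Example Sub CA", "Example Issuing CA", is_ca=True)
GOOD_LEAF = Cert("www.example.test", "Example Issuing CA", is_ca=False)
DEEP_LEAF = Cert("deep.example.test", "Example Sub CA", is_ca=False)
SERVER_CERT = Cert("shop.example.test", "Example Root CA", is_ca=False)
# A leaf "signed" by an ordinary server certificate rather than a CA.
FORGED_LEAF = Cert("bank.example.test", "shop.example.test", is_ca=False)
TRUSTED_ROOTS = {ROOT_CA.subject: ROOT_CA}


if __name__ == "__main__":
    for label, chain, strict in [
        ("forged, constraints ignored", [FORGED_LEAF, SERVER_CERT], False),
        ("forged, constraints enforced", [FORGED_LEAF, SERVER_CERT], True),
        ("valid chain", [GOOD_LEAF, ISSUING_CA], True),
        ("pathlen exceeded", [DEEP_LEAF, SUB_CA, ISSUING_CA], True),
    ]:
        ok, why = validate_chain(chain, TRUSTED_ROOTS, enforce_basic_constraints=strict)
        print(f"{label:30s} -> {'ACCEPT' if ok else 'REJECT'}: {why}")
```

The interesting case is the forged chain: the lenient walk reaches the trusted root and accepts it, because `shop.example.test` is a perfectly valid certificate, just not one authorized to issue. A real validator additionally checks signatures, validity periods, key usage and name constraints; this model isolates the one check the advisory is about.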
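Sections 4 through 7 list a checksum next to every package and then the `rpm -Fvh` commands. A practitioner installing by hand should verify the downloaded files against those sums before running the commands. The script below is an added example, not SCO's tooling; it assumes the 32-hex-digit sums in the "Packages" sections are MD5 digests (the advisory does not name the algorithm) and embeds the section 4.2 list as its manifest. Point it at the directory holding the downloaded RPMs and only install files it reports as `ok`.

```python
"""Verify downloaded update packages against an advisory's checksum list
before installing them. Added example; assumes the sums are MD5."""
import hashlib
import hmac
import os
import re
import sys
from typing import Dict

# Copied from section 4.2 (OpenLinux 3.1.1 Server) of CSSA-2002-047.0.
MANIFEST_4_2 = """\
a03fb8e34fde83b1a4f83124c2e4b041        kdelibs2-2.2.1-6.1.i386.rpm
6c4fc3be168073d33b7f62603b03e1a0        kdelibs2-devel-2.2.1-6.1.i386.rpm
0d16a2303715af4e5cee545a3f5fa5e4        kdelibs2-devel-static-2.2.1-6.1.i386.rpm
f8a1574f0b3d97c0272d935f0140ec3a        kdelibs2-doc-2.2.1-6.1.i386.rpm
"""

# "<32 hex digits> <filename>"; anything else (headings, blank lines) is skipped.
_MANIFEST_LINE = re.compile(r"^\s*([0-9a-fA-F]{32})\s+(\S+)\s*$")


def parse_manifest(text: str) -> Dict[str, str]:
    """Return {filename: expected_digest_hex} from advisory-style text."""
    expected = {}
    for line in text.splitlines():
        m = _MANIFEST_LINE.match(line)
        if m:
            expected[m.group(2)] = m.group(1).lower()
    return expected


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def check_digest(data: bytes, expected_hex: str) -> bool:
    """True if data hashes to expected_hex (case-insensitive)."""
    return hmac.compare_digest(md5_hex(data), expected_hex.lower())


def file_md5_hex(path: str) -> str:
    """Hash a file in 1 MiB chunks so large RPMs are not read into memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_directory(manifest_text: str, directory: str) -> Dict[str, str]:
    """Map each manifested filename to 'ok', 'mismatch' or 'missing'."""
    results = {}
    for name, want in parse_manifest(manifest_text).items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif hmac.compare_digest(file_md5_hex(path), want):
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    report = verify_directory(MANIFEST_4_2, target)
    for name, status in report.items():
        print(f"{status:8s} {name}")
    # Non-zero exit unless every package verified, so a wrapper script can
    # refuse to run `rpm -Fvh` on a partial or tampered download.
    sys.exit(0 if all(s == "ok" for s in report.values()) else 1)
```

A matching checksum shows the file arrived intact as listed in the advisory; it does not by itself prove who published it. That assurance comes from the PGP signature on the advisory mail and from the package signature, which `rpm --checksig` verifies against an imported vendor key.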