=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN276
_____________________________________________________________________

DATE                      : 22/04/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Quanta 3.1.x, KDE 3.2 up
                                   to and including KDE 3.4.0.

======================================================================

KDE Security Advisory: Kommander untrusted code execution
Original Release Date: 2005-04-20
URL: http://www.kde.org/info/security/advisory-20050420-1.txt

0. References

         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0754

1. Systems affected:

         Quanta 3.1.x, KDE 3.2 and new up to including KDE 3.4.0.


2. Overview:

         Kommander is a visual editor and interpreter to edit and
         interpret visual dialogs and execute scripts attached to
         dialog actions.

         Kommander executes without user confirmation data files
         from possibly untrusted locations. As they contain
         scripts, the user might accidentally run arbitrary code.


3. Impact:

         Remotly supplied kommander files from untrusted sources
         are executed without confirmation.


4. Solution:

         Source code patches have been made available which fix these
         vulnerabilities. Contact your OS vendor / binary package provider
         for information about how to obtain updated binary packages.


5. Patch:

         A patch for KDE 3.4.0 is available from
         ftp://ftp.kde.org/pub/kde/security_patches :

         c388b21d91c8326fc9757cd8786713db  post-3.4.0-kdewebdev-kommander.diff

         A patch for KDE 3.3.2 is available from
         ftp://ftp.kde.org/pub/kde/security_patches :

         d210c07121c1ba3a97660a6e166738e6  post-3.3.2-kdewebdev-kommander.diff


6. Time line and credits:

         13/03/2005 Notification of KDE security by Eckhart Wörner
         20/04/2005 Public Disclosure



======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================