CERTA-2005-AVI-027
Vulnerability from certfr_avis - Published: 2005-01-24 - Updated: 2005-02-14None
Description
Konversation est un client IRC (Internet Relay Chat) pour
l'environnement de bureau KDE.
Plusieurs vulnérabilités dans Konversation rendent possible le déni de
service ou l'exécution de code arbitraire à distance sur la plate-forme
utilisant une version non corrigée de Konversation.
Solution
Mettre à jour Konversation en version 0.15.1 (cf. section
Documentation).
Konversation est téléchargeable à l'adresse suivante :
http://download.berlios.de/konversation/
Toutes les versions de Konversation antérieures à la version 0.15.1.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eToutes les versions de \u003cTT\u003eKonversation\u003c/TT\u003e ant\u00e9rieures \u00e0 la version 0.15.1.\u003c/p\u003e",
"content": "## Description\n\nKonversation est un client IRC (Internet Relay Chat) pour\nl\u0027environnement de bureau KDE. \nPlusieurs vuln\u00e9rabilit\u00e9s dans Konversation rendent possible le d\u00e9ni de\nservice ou l\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur la plate-forme\nutilisant une version non corrig\u00e9e de Konversation.\n\n## Solution\n\nMettre \u00e0 jour Konversation en version 0.15.1 (cf. section\nDocumentation). \nKonversation est t\u00e9l\u00e9chargeable \u00e0 l\u0027adresse suivante :\n\n http://download.berlios.de/konversation/\n",
"cves": [],
"initial_release_date": "2005-01-24T00:00:00",
"last_revision_date": "2005-02-14T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE-SR:2005:004 du 11 f\u00e9vrier 2005 :",
"url": "http://www.novell.com/linux/security/advisories/2005_04_sr.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200501-34 du 24 janvier 2005 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml"
},
{
"title": "Site Internet de Konversation :",
"url": "http://konversation.berlios.de"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de Wouter Coekaerts :",
"url": "http://wouter.coekaerts.be/konversation.html"
}
],
"reference": "CERTA-2005-AVI-027",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2005-01-24T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200501-34.",
"revision_date": "2005-01-25T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SUSE SUSE-SR:2005:004.",
"revision_date": "2005-02-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 de Konversation",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 KDE du 21 janvier 2005",
"url": "http://www.kde.org/info/security/advisory-20050121-1.txt"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…