Security Vulnerabilities in KDE 2.1-3.0.4, 3.1 RC3

Posted by timothy on Wednesday November 13, 2002 @07:21AM from the full-disclosure dept.

Paladin128 writes "The KDE Project today issued two security advisories which affect KDE versions 2.1 through KDE 3.0.4 (and also through KDE 3.1 RC3). The first advisory concerns the rlogin:// service and, for affected KDE 2.x systems, the telnet:// service. The second advisory concerns the LISa and resLISa network browsing applications. Binary packages for KDE 3.0.5 should be available by early next week (check the KDE 3.0.5 Info Page); in the interim it is recommended to disable the affected services or upgrade from the source code or patches. Read more here."

2 of 8 comments (clear)

Min score:

Reason:

Sort:

Unsecured telnet service? by reaper20 · 2002-11-13 07:26 · Score: 5, Funny

Man, I hope KDE fixes this, we can't have people sniffing out my packets as I telnet over the public internet. Whew!
1. Re:Unsecured telnet service? by MrResistor · 2002-11-13 08:43 · Score: 2
  
  A security advisement regarding telnet and rlogin does seem kind of redundant, doesn't it?
  
  --
  Under capitalism man exploits man. Under communism it's the other way around.