------------------------------------------------------------
Arch Linux Security Warning ALSW 2007-#24
------------------------------------------------------------

Name: kdelibs
Date: 2007-04-05
Severity: Medium
Warning #: 2007-#24

------------------------------------------------------------

Product Background
===================
KDE Core Libraries

Problem Background
===================
The KDE FTP ioslave parses the host address in the PASV response
of a FTP server response. mark from bindshell.net pointed
out that this could be exploited via JavaScript for automated
port scanning.

Impact
=========
Untrusted sites or sites that allow Javascript injection
could cause Konqueror or other web browsers based on KHTML
to perform port scanning.

Problem Packages
===================
Package: kdelibs
Repo: extra
Group: kde
Unsafe: <= 3.5.6-6
Safe: Only patched

This bug is related to #6595 (ALSW #13); the first part of the patch was applied to addres previous issue, but the second part of patch (in file kioslave/ftp/ftp.cc ) wasn't added.

Package Fix
===================
Apply the patch ftp://ftp.kde.org/pub/kde/security_patches/CVE-2007-1564-kdelibs-3.5.6.diff
First part of this patch is applied on http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/kde/kdelibs/post-3.5.6.diff?rev=1.3&cvsroot=Extra&only_with_tag=CURRENT&content-type=text/vnd.viewcvs-markup

===================

Unofficial ArchLinux Security Bug Tracker:
http://jjdanimoth.netsons.org/alsw.html

Reference(s)
===================
http://www.kde.org/info/security/advisory-20070326-1.txt