SCO Security Advisory

Subject: Linux: KDE SSL and XSS vulnerabilities
Advisory number: CSSA-2002-047.0
Issue date: 2002 November 15
Cross reference:
______________________________________________________________________________


1. Problem Description

Konqueror's cross site scripting (XSS) protection fails to
initialize the security domain of sub-frames and sub-iframes
correctly. As a result, JavaScript running in one frame can
access any foreign (cross-domain) sub-frame that is defined in
the same HTML source, bypassing the same-origin policy
(CAN-2002-1151).

KDE's SSL implementation fails to check the basicConstraints
extension on the certificates in a chain. As a result it may
accept as valid a certificate that was signed by an issuer who
was not authorized to act as a certificate authority: the holder
of an ordinary end-entity certificate can sign a certificate for
any other host name and Konqueror accepts it (CAN-2002-0970).
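The check that the vulnerable SSL code omitted, as an added example (not SCO's or KDE's code): walk the chain from the end-entity certificate to the trust anchor and require every issuer to carry basicConstraints with cA=TRUE, honouring pathLenConstraint along the way. Certificates are modelled as plain dicts with the raw DER value of the extension so the example runs offline with no crypto library; signature verification is assumed to have already been done by the caller, and all names and DER values are constructed sample data.

```python
"""Chain walk enforcing X.509 basicConstraints (RFC 5280, 4.2.1.9).

Added example, not code from SCO or the KDE project. Each certificate is
a dict {subject, issuer, basic_constraints} where basic_constraints is the
DER-encoded extension value or None when the extension is absent.
"""


def parse_basic_constraints(der):
    """Decode BasicConstraints ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE,
    pathLenConstraint INTEGER (0..MAX) OPTIONAL }.
    Returns (ca, path_len); path_len is None when absent. A missing
    extension (der is None) means "not a CA"."""
    if der is None:
        return (False, None)
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("basicConstraints is not a DER SEQUENCE")
    length = der[1]
    if length & 0x80 or 2 + length != len(der):   # short-form length only
        raise ValueError("unsupported or truncated SEQUENCE length")
    body = der[2:2 + length]
    ca, path_len, pos = False, None, 0
    if pos < len(body) and body[pos] == 0x01:      # BOOLEAN cA
        if pos + 2 >= len(body) or body[pos + 1] != 1:
            raise ValueError("malformed cA BOOLEAN")
        ca = body[pos + 2] != 0
        pos += 3
    if pos < len(body) and body[pos] == 0x02:      # INTEGER pathLenConstraint
        if pos + 1 >= len(body):
            raise ValueError("malformed pathLenConstraint")
        n = body[pos + 1]
        raw = body[pos + 2:pos + 2 + n]
        if n == 0 or len(raw) != n:
            raise ValueError("malformed pathLenConstraint")
        path_len = int.from_bytes(raw, "big", signed=True)
        if path_len < 0:
            raise ValueError("negative pathLenConstraint")
        pos += 2 + n
    if pos != len(body):
        raise ValueError("trailing data in basicConstraints")
    return (ca, path_len)


def check_chain(chain):
    """chain[0] is the end-entity certificate, chain[-1] the trust anchor,
    each certificate issued by the next one. Returns (ok, reason)."""
    if not chain:
        return (False, "empty chain")
    for i in range(1, len(chain)):
        subject_cert, issuer_cert = chain[i - 1], chain[i]
        if subject_cert["issuer"] != issuer_cert["subject"]:
            return (False, "issuer of %s is not %s"
                    % (subject_cert["subject"], issuer_cert["subject"]))
        ca, path_len = parse_basic_constraints(issuer_cert["basic_constraints"])
        if not ca:
            # The check KDE skipped: without cA=TRUE a certificate may not
            # issue other certificates, however valid its own signature is.
            return (False, "%s signed %s but is not a CA"
                    % (issuer_cert["subject"], subject_cert["subject"]))
        # pathLenConstraint bounds the number of intermediate CAs that may
        # sit between this CA and the end-entity certificate.
        intermediates_below = i - 1
        if path_len is not None and intermediates_below > path_len:
            return (False, "%s allows %d intermediate(s) below it, found %d"
                    % (issuer_cert["subject"], path_len, intermediates_below))
    return (True, "chain is well-formed")


# Constructed DER values for the basicConstraints extension (sample data).
CA_TRUE = b"\x30\x03\x01\x01\xff"                        # SEQUENCE { TRUE }
CA_TRUE_PATHLEN_0 = b"\x30\x06\x01\x01\xff\x02\x01\x00"  # SEQUENCE { TRUE, 0 }
NOT_CA = b"\x30\x00"                                     # SEQUENCE { } -> cA FALSE

# Constructed certificates; the names are illustrative, not real CAs.
ROOT = {"subject": "Example Root CA", "issuer": "Example Root CA",
        "basic_constraints": CA_TRUE}
INTERMEDIATE = {"subject": "Example Issuing CA", "issuer": "Example Root CA",
                "basic_constraints": CA_TRUE_PATHLEN_0}
LEAF = {"subject": "www.example.com", "issuer": "Example Issuing CA",
        "basic_constraints": NOT_CA}
# What an attacker holding LEAF's private key can produce: a certificate for
# another host, signed by a non-CA. Vulnerable KDE accepted this.
ROGUE = {"subject": "www.bank.example", "issuer": "www.example.com",
         "basic_constraints": None}
# A CA placed under the pathLen-0 intermediate, which that intermediate
# was never allowed to create.
SUB_CA = {"subject": "Example Sub CA", "issuer": "Example Issuing CA",
          "basic_constraints": CA_TRUE}
ROGUE2 = {"subject": "www.bank.example", "issuer": "Example Sub CA",
          "basic_constraints": NOT_CA}

if __name__ == "__main__":
    for name, chain in [("legitimate", [LEAF, INTERMEDIATE, ROOT]),
                        ("signed by leaf", [ROGUE, LEAF, INTERMEDIATE, ROOT]),
                        ("pathLen exceeded", [ROGUE2, SUB_CA, INTERMEDIATE, ROOT])]:
        print(name, check_chain(chain))
```

Both rejection paths matter in practice: the cA flag stops an end-entity certificate from acting as an issuer, and pathLenConstraint stops a legitimately constrained intermediate from delegating further. A real verifier also checks keyUsage keyCertSign, validity periods and the signatures themselves; those are out of scope here.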


2. Vulnerable Supported Versions

System                          Package
----------------------------------------------------------------------

OpenLinux 3.1.1 Server          prior to kdelibs2-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-doc-2.2.1-6.1.i386.rpm

OpenLinux 3.1.1 Workstation     prior to kdelibs2-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-doc-2.2.1-6.1.i386.rpm

OpenLinux 3.1 Server            prior to kdelibs2-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-doc-2.2.1-6.1.i386.rpm

OpenLinux 3.1 Workstation       prior to kdelibs2-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-devel-static-2.2.1-6.1.i386.rpm
                                prior to kdelibs2-doc-2.2.1-6.1.i386.rpm


3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...002-047.0/RPMS

4.2 Packages

a03fb8e34fde83b1a4f83124c2e4b041 kdelibs2-2.2.1-6.1.i386.rpm
6c4fc3be168073d33b7f62603b03e1a0 kdelibs2-devel-2.2.1-6.1.i386.rpm
0d16a2303715af4e5cee545a3f5fa5e4 kdelibs2-devel-static-2.2.1-6.1.i386.rpm
f8a1574f0b3d97c0272d935f0140ec3a kdelibs2-doc-2.2.1-6.1.i386.rpm

4.3 Installation

rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm
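The package sections list an MD5 sum beside each file so that a download from the FTP site can be checked before it is installed. The following is an added example, not SCO tooling, that does that check for all listed packages at once and only then issues a single rpm -Fvh for the whole set (one call lets rpm resolve the dependency between the devel and base packages). The sums text and the files it creates are constructed for the demonstration; in use, paste the "4.2 Packages" block for your product into ADVISORY_SUMS and point the script at the download directory.

```python
"""Verify downloaded RPMs against the MD5 sums printed in an advisory,
then freshen them with one rpm -Fvh call. Added example, not SCO's code."""
import hashlib
import os
import subprocess
import tempfile

# Constructed sample of the advisory's "md5 filename" lines. The sum shown is
# that of an empty file, so the demo below can create matching files itself.
ADVISORY_SUMS = """
d41d8cd98f00b204e9800998ecf8427e kdelibs2-2.2.1-6.1.i386.rpm
d41d8cd98f00b204e9800998ecf8427e kdelibs2-devel-2.2.1-6.1.i386.rpm
d41d8cd98f00b204e9800998ecf8427e kdelibs2-doc-2.2.1-6.1.i386.rpm
"""


def parse_sums(text):
    """Turn 'md5 filename' lines into {filename: md5}; skip anything that
    is not a 32-hex-digit sum followed by one name."""
    sums = {}
    for line in text.splitlines():
        parts = line.split()
        if (len(parts) == 2 and len(parts[0]) == 32
                and all(c in "0123456789abcdef" for c in parts[0].lower())):
            sums[parts[1]] = parts[0].lower()
    return sums


def md5_of(path):
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_packages(sums, directory):
    """Return (verified, problems): verified lists package paths whose sum
    matched; problems maps a filename to 'missing' or 'mismatch'."""
    verified, problems = [], {}
    for name, expected in sorted(sums.items()):
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            problems[name] = "missing"
        elif md5_of(path) != expected:
            problems[name] = "mismatch"
        else:
            verified.append(path)
    return verified, problems


def freshen(sums, directory, dry_run=False):
    """Run rpm -Fvh on the listed packages only if every one verified.
    -F upgrades packages that are already installed and skips the rest."""
    verified, problems = verify_packages(sums, directory)
    if problems:
        raise RuntimeError("refusing to install, bad packages: %r" % problems)
    cmd = ["rpm", "-Fvh"] + verified
    if not dry_run:
        subprocess.run(cmd, check=True)
    return cmd


def demo():
    """Constructed scenario: one intact, one tampered and one missing file.
    Returns (verified names, problems, dry-run command for the intact set)."""
    sums = parse_sums(ADVISORY_SUMS)
    with tempfile.TemporaryDirectory() as d:
        open(os.path.join(d, "kdelibs2-2.2.1-6.1.i386.rpm"), "wb").close()
        with open(os.path.join(d, "kdelibs2-devel-2.2.1-6.1.i386.rpm"), "wb") as f:
            f.write(b"tampered")
        verified, problems = verify_packages(sums, d)
        good = {n: sums[n] for n in sums if n not in problems}
        cmd = freshen(good, d, dry_run=True)
        return ([os.path.basename(p) for p in verified], problems,
                [os.path.basename(c) for c in cmd])


if __name__ == "__main__":
    print(demo())
```

The MD5 sums guard against a corrupt or substituted download only to the extent that the advisory itself reached you over a trusted channel (the list posts were PGP-signed; a web repost like this page is not). Where the vendor signs its packages, rpm --checksig on each file gives an additional check that does not depend on the advisory text at all.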

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...02-047.0/SRPMS

4.5 Source Packages

2632e383fd006e4307b8d46b2755bfe1 kdelibs2-2.2.1-6.1.src.rpm


5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...002-047.0/RPMS

5.2 Packages

510eeadb0430c083de57d6901e3b7ff4 kdelibs2-2.2.1-6.1.i386.rpm
37f6a6eafc2d62edac6e753effafaf69 kdelibs2-devel-2.2.1-6.1.i386.rpm
c870729596c35e570a1a376879694051 kdelibs2-devel-static-2.2.1-6.1.i386.rpm
ab5617edf321f2c97a297b59eb2353d5 kdelibs2-doc-2.2.1-6.1.i386.rpm

5.3 Installation

rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

5.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...02-047.0/SRPMS

5.5 Source Packages

23ef26f4c6d6f5a8110ad14ab35d97f3 kdelibs2-2.2.1-6.1.src.rpm


6. OpenLinux 3.1 Server

6.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...002-047.0/RPMS

6.2 Packages

f89476e89a490a817f9b9cb1d9f0d45e kdelibs2-2.2.1-6.1.i386.rpm
5e9b87afe1f433695900cf472b72b8ff kdelibs2-devel-2.2.1-6.1.i386.rpm
639d81f339d580246b47192dee39f323 kdelibs2-devel-static-2.2.1-6.1.i386.rpm
46bd0251cae1f20a1e9cf2968ec6b28b kdelibs2-doc-2.2.1-6.1.i386.rpm

6.3 Installation

rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

6.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...02-047.0/SRPMS

6.5 Source Packages

b8db0bed5301c62f0c23a7299764daac kdelibs2-2.2.1-6.1.src.rpm


7. OpenLinux 3.1 Workstation

7.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...002-047.0/RPMS

7.2 Packages

c644ccee63d98f51c3c75153dac8f72b kdelibs2-2.2.1-6.1.i386.rpm
a9a6672a59132b7da2276fc84af4239e kdelibs2-devel-2.2.1-6.1.i386.rpm
ab1314c35f6a696f8ffc242f47c132a8 kdelibs2-devel-static-2.2.1-6.1.i386.rpm
97bda2eff3c2ed28d69c89f0f9e71e5d kdelibs2-doc-2.2.1-6.1.i386.rpm

7.3 Installation

rpm -Fvh kdelibs2-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-devel-static-2.2.1-6.1.i386.rpm
rpm -Fvh kdelibs2-doc-2.2.1-6.1.i386.rpm

7.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLi...02-047.0/SRPMS

7.5 Source Packages

81ffd01431cb6b64f110790a515f6cee kdelibs2-2.2.1-6.1.src.rpm


8. References

Specific references for this advisory:

http://cve.mitre.org/cgi-bin/cvename...=CAN-2002-0970
http://cve.mitre.org/cgi-bin/cvename...=CAN-2002-1151
http://www.kde.org/info/security/adv...20020908-2.txt
http://www.kde.org/info/security/adv...20020818-1.txt

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr868329, fz525911,
fz525926, erg712110, erg712107, erg712111, sr869190, fz526085,
erg712129.


9. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.

______________________________________________________________________________

