TechTarget

Critical flaw hits Red Hat and Novell Linux

Red Hat and Novell have released patches for a critical security hole in their Linux distributions, which stems from a vulnerability in the KDE desktop environment.

Red Hat and Novell have released patches for a critical security hole in their Linux distributions, which stems from a vulnerability in the KDE desktop environment.

KDE is a user interface product used with several versions of Unix and Linux.

The KDE hole was discovered last week and given a “critical” rating by the French Security Incident Response Team (FrSIRT).

The flaw affects the Javascript engine used in various parts of KDE, including the Konqueror web browser.

The flaw can allow a remote attacker to launch a buffer overflow attack and run arbitrary code on the user’s machine.

Users can disable Javascript in the Konqueror browser as a workaround, but some websites may not display properly as a result, so installing a patch is preferable.

The problem affects version 4 of Red Hat Enterprise Linux AS, ES and WS, and also Version 4 of Red Hat Desktop. In addition, the 10.0, 9.3, 9.2 and 9.1 versions of Novell SuSE Linux are affected.

KDE has also released patches for the flaw, which affects KDE 3.2.0 up to and including KDE 3.5.0.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close