Vulnerability Details CVE-2016-3100
kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.4%
CVSS Severity
CVSS v3 Score 8.4
CVSS v2 Score 2.1
References
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00001.html
- http://www.kde.com/announcements/kde-frameworks-5.23.0.php
- http://www.securityfocus.com/bid/91769
- https://bugs.kde.org/show_bug.cgi?id=358593
- https://bugs.kde.org/show_bug.cgi?id=363140
- https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=72f3702dbe6cf15c06dc13da2c99c864e9022a58
- https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=dece8fd89979cd1a86c03bcaceef6e9221e8d8cd
- https://www.kde.org/info/security/advisory-20160621-1.txt
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00001.html
- http://www.kde.com/announcements/kde-frameworks-5.23.0.php
- http://www.securityfocus.com/bid/91769
- https://bugs.kde.org/show_bug.cgi?id=358593
- https://bugs.kde.org/show_bug.cgi?id=363140
- https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=72f3702dbe6cf15c06dc13da2c99c864e9022a58
- https://quickgit.kde.org/?p=kinit.git&a=commitdiff&h=dece8fd89979cd1a86c03bcaceef6e9221e8d8cd
- https://www.kde.org/info/security/advisory-20160621-1.txt