COMMAND

    KDE K-Mail

SYSTEMS AFFECTED

    KDE 1.1 and earlier

PROBLEM

    Internet  Security   Systems  (ISS)   X-Force  has   discovered  a
    vulnerability in KDE's K-Mail mail  user agent software. KDE is  a
    very popular  window manager  available for  most Unix  platforms,
    and provides an  easy-to-use interface and  a number of  graphical
    front  ends  to  common  command-line  Unix  applications.  K-Mail
    contains  a  vulnerability  that  may  allow  local  attackers  to
    compromise the UID of whoever is running K-Mail.  The mail  client
    creates insecure temporary directories that are used to store MIME
    encoded files.

    When  K-Mail  receives  an  e-mail  with attachments, it creates a
    directory to store the attachments.   K-Mail does not verify  that
    the directory already  exists, and is  willing to follow  symbolic
    links, allowing local attackers to create files with the  contents
    they  choose  in  any  directory  writable  by  the user executing
    K-Mail.  If K-Mail is  run as root, unauthorized superuser  access
    may be obtained.

SOLUTION

    KDE  has  a  patch  that  addresses  this vulnerability. It can be
    retrieved at:

        ftp://ftp.kde.org/pub/kde/security_patches/kmail-security-patch.diff