CVE-2005-0205

Publication date 2 May 2005

Last updated 17 July 2025


Ubuntu priority

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
kdenetwork 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected