CVE-2005-0205
Publication date 2 May 2005
Last updated 17 July 2025
Ubuntu priority
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.
Status
Package | Ubuntu Release | Status |
---|---|---|
kdenetwork | 7.04 feisty |
Not affected
|
6.10 edgy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|