Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. the mount command can then be used to gain full root privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
KDE Partition Manager 命令注入漏洞
Vulnerability Description
KDE Partition Manager是KDE社区的一个Linux下的磁盘分区软件。该软件可以对磁盘、分区以及文件系统进行管理,可以创建、删除、复制、备份和恢复分区,支持各种分区格式,包括:(ext2/3, reiserfs, NTFS, FAT32, 等)。 KDE Partition Manager 4.1.0 至 4.2.0版本存在命令注入漏洞,该漏洞允许本地计算机上的攻击者可以替换/etc/fstab并执行安装和其他与分区相关的命令,然后,可以使用mount命令获取完整的root特权。
CVSS Information
N/A
Vulnerability Type
N/A