Unpatched KDE vulnerability disclosed on Twitter

August 6, 2019

Image credits: KDE (logo), Kubuntu (background)

A security researcher has published proof-of-concept (PoC) code for a vulnerability in the KDE software framework. A fix is not available at the time of writing.

The bug was discovered by Dominik “zer0pwn” Penner and impacts the KDE Frameworks package 5.60.0 and below.

The KDE Frameworks software library is at the base of the KDE desktop environment v4 and v5 (Plasma), currently included with several Linux distributions such as Kubuntu, openSUSE, OpenMandriva, Chakra, KaOS, and others.

How the vulnerability works

The vulnerability occurs because of the way the KDesktopFile class (part of KDE Frameworks) handles .desktop or .directory files.

Penner discovered that he could create malicious .desktop and .directory files that could be used to run malicious code on a user’s computer.

When a user opens the KDE file viewer to access the directory where these files are stored, the malicious code contained within the .desktop or .directory files executes without further user interaction; the user does not need to run the file.

“Browsing to a folder via Dolphin (the KDE GUI file manager) which contains a malicious .desktop file is enough to get code execution,” Alex Murray, Tech Lead for the Ubuntu Security team, told ZDNet, after we asked him to verify the vulnerability yesterday.

In a technical write-up of the bug that Penner published on GitHub, the researcher says the vulnerability can be used to place shell commands inside the standard “Icon” entries found in .desktop and .directory files.

The researcher said KDE “will execute our command whenever the file is viewed.” A demo of an attack is available below, recorded by Penner.

Some social engineering needed, but it’s an easy attack

The exploitation scenario involves some social engineering to trick a user into downloading these malicious files, but the advantage to this technique is that the user does not have to interact or open these files.

Some security experts have played down the bug’s importance because it requires tricking users into downloading .desktop and .directory files, both of which are very uncommon downloads and will arouse suspicion among most tech-savvy Linux users.

However, Murray told us the malicious files can also be hidden inside ZIP or TAR archives. A user might think he’s downloading an archive of legitimate files, but be unaware that it may also hide malicious .desktop or .directory files.

Once the user unzips the archive and views its content, the malicious code executes without the target’s knowledge or the target having to take any other actions.
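A pre-extraction check for the archive scenario Murray describes, as an added example that is not from the article, Penner's write-up or KDE: it lists the .desktop and .directory members of a ZIP file and flags entries whose values contain shell command substitution. It checks every key rather than only Icon, and the sample archive, its paths and its contents are constructed.

```python
import io
import re
import zipfile

# File names the article says are affected: *.desktop and *.directory
ENTRY_NAMES = re.compile(r"(\.desktop|\.directory)$", re.IGNORECASE)
# Shell command substitution in a value: $(...) or `...`
SHELL_SUBST = re.compile(r"\$\(|`")

def suspicious_entries(text):
    """Return (line_no, key, value) for key=value lines embedding shell substitution."""
    hits = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Skip blanks, comments, group headers such as [Desktop Entry], and non-entries.
        if not line or line.startswith("#") or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if SHELL_SUBST.search(value):
            hits.append((no, key.strip(), value.strip()))
    return hits

def scan_zip(data):
    """Inspect a ZIP archive (bytes) in memory, without extracting anything to disk."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or not ENTRY_NAMES.search(info.filename):
                continue
            text = zf.read(info).decode("utf-8", errors="replace")
            hits = suspicious_entries(text)
            if hits:
                report[info.filename] = hits
    return report

def build_sample_zip():
    """Constructed sample archive: one benign entry file and one suspicious one."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("photos/readme.txt", "holiday pictures\n")
        zf.writestr("photos/app.desktop",
                    "[Desktop Entry]\nType=Application\nName=Viewer\nIcon=image-viewer\n")
        zf.writestr("photos/.directory",
                    "[Desktop Entry]\nType=Directory\nIcon=$(echo constructed-sample)\n")
    return buf.getvalue()

if __name__ == "__main__":
    for name, hits in scan_zip(build_sample_zip()).items():
        for no, key, value in hits:
            print(f"{name}:{no}: {key} contains shell substitution: {value}")
```

The same `suspicious_entries` check can be run over files already on disk; a hit is a reason to inspect the file in a text editor rather than browse to its folder in a file manager.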

Furthermore, exploit kits can also be employed to download the file on users’ systems without interaction.

Researcher did not notify KDE team

In an interview with ZDNet yesterday, Penner explained his motives for publishing the details of this bug without contacting the KDE team beforehand.

“I mainly just wanted to drop a 0day before Defcon [a security conference],” Penner told us. “I do plan on reporting it, but the issue is more of a design flaw than an actual vulnerability, despite what it can do.”

ZDNet notified two members of the KDE team about this vulnerability yesterday, but we have not heard back.

“To be honest, I was debating on going into the code and making the change myself considering KDE is open source,” Penner told ZDNet.

Similar bugs have impacted Linux distros in the past

Over the past few years, there has been a whole class of security flaws impacting Linux desktop environments caused by libraries which handle the operations associated with displaying files or thumbnails inside the OS desktop GUI.

Bugs in parsing file metadata or rendering image thumbnails have often been found. Most of the time, these bugs occur without any user interaction and are triggered just by accessing the folder where the malicious file resides — similar to the bug that Penner discovered.

For example, in November 2016, security researcher Chris Evans found that Fedora’s Tracker and Gstreamer frameworks, part of Fedora’s desktop environment, were allowing code execution when users accessed a folder containing malicious video files.

A month later, Evans found another similar bug that impacted both Fedora and Ubuntu, this time, exploitable via audio files.

In 2017, German IT expert Nils Dagsson Moskopp found the “Bad Taste” vulnerability, which triggered code execution on Linux desktops utilizing the GNOME Files file viewer, when users viewed a Windows MSI file — out of all things.

Penner’s vulnerability is not unique, and certainly not unique to Linux systems. Problems with sanitizing file content and file metadata to remove possible hiding spots for malicious code still plague Windows as well, and they’ll likely plague operating systems for years to come.

Credit: Zdnet
