CVE-2001-0178

Published: Mar 26, 2001Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

Affected (13)

Products: Conectiva: Linux · Caldera: Openlinux Edesktop · Mandrakesoft: Mandrake Linux, Mandrake Linux Corporate Server · +1 more

Show all products

Conectiva: Linux · Caldera: Openlinux Edesktop · Mandrakesoft: Mandrake Linux, Mandrake Linux Corporate Server · Suse: Suse Linux

1 product

1 product

2 products

Mandrake Linux Corporate Server

Suse

1 product

Suse Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Conectiva Linux	Version 6.0

Configuration B

12 vulnerable

Vulnerable Software	Affected Versions
Caldera Openlinux Edesktop	Version 2.4
Mandrakesoft Mandrake Linux	Version 6.1
Mandrakesoft Mandrake Linux	Version 7.0
Mandrakesoft Mandrake Linux	Version 7.1
Mandrakesoft Mandrake Linux	Version 7.2
Mandrakesoft Mandrake Linux Corporate Server	Version 1.0.1
Suse Suse Linux	Version 6.0
Suse Suse Linux	Version 6.1
Suse Suse Linux	Version 6.2
Suse Suse Linux	Version 6.3
Suse Suse Linux	Version 6.4
Suse Suse Linux	Version 7.0