CVE-1999-0780 in KDEinfo

Summary

by MITRE

KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 04/17/2026

The vulnerability described in CVE-1999-0780 represents a critical privilege escalation and process manipulation flaw within the KDE desktop environment's klock application. This issue specifically affects the klock utility which is designed to display a digital clock and handle screen locking functionality within the KDE desktop environment. The vulnerability stems from improper input validation and privilege handling within the application's file processing mechanism.

The technical flaw occurs when the klock application reads a .kss.pid file that contains a process identifier value. This file is typically used to store the process ID of the screen saver or clock application itself. However, due to insufficient validation of the PID value contained within this file, a local attacker can manipulate the contents to specify any arbitrary process identifier. When klock processes this maliciously crafted file, it attempts to send signals to the specified process, effectively allowing the attacker to kill arbitrary processes running on the system with the privileges of the user running klock.

This vulnerability operates under the principle of insufficient input validation and improper privilege handling, which aligns with CWE-20 - Improper Input Validation and CWE-264 - Permissions, Privileges, and Access Controls. The flaw essentially allows a local user to escalate their privileges to the level of the target process, potentially enabling them to kill system processes or applications running with higher privileges than their own user account. The attack vector is straightforward requiring only local access to manipulate the .kss.pid file and execute the klock application.

The operational impact of this vulnerability extends beyond simple process termination, as it can be leveraged to disrupt system operations and potentially compromise the integrity of running applications. An attacker could target critical system processes, causing system instability or denial of service conditions. The vulnerability also presents a risk for privilege escalation scenarios where an attacker might target processes running with elevated privileges, though the effectiveness would depend on the specific privileges of the target processes. This issue demonstrates a fundamental flaw in how the klock application handles user-controlled input and validates process identifiers, creating a pathway for unauthorized process manipulation.

Mitigation strategies for this vulnerability should focus on implementing proper input validation and privilege separation within the klock application. System administrators should ensure that the klock application and its associated files are properly secured with appropriate file permissions to prevent unauthorized modification. The recommended approach includes validating all process identifiers read from external files, implementing proper privilege checks before executing process manipulation operations, and ensuring that the application does not run with unnecessary elevated privileges. Additionally, the .kss.pid file should be protected with restrictive permissions and monitored for unauthorized changes. This vulnerability highlights the importance of input validation and privilege separation in desktop environment applications, as outlined in the ATT&CK framework under T1068 - Exploitation for Privilege Escalation and T1489 - Service Stop. The issue also underscores the necessity of following secure coding practices to prevent similar vulnerabilities in desktop applications and system utilities.

Disclosure

11/18/1998

Moderation

accepted

Entry

VDB-14258

CPE

ready

EPSS

0.00323

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!