6545 – sweeper, sends data over the net when running

Bug 6545 - sweeper, sends data over the net when running

Summary: sweeper, sends data over the net when running

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	2
Hardware:	x86_64 Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	John Balcaen
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-06-23 08:13 CEST by roger Mr cooper
Modified:	2013-11-23 16:14 CET (History)
CC List:	1 user (show)

See Also:
Source RPM:	sweeper
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description roger Mr cooper 2012-06-23 08:13:59 CEST

Description of problem:

Version-Release number of selected component (if applicable):

Name : sweeper
Version : 4.8.2
Release : 1.mga2
Architecture: x86_64
Install Date: Sat 23 Jun 2012 12:02:35 AM CDT
Group : Graphical desktop/KDE
Size : 109547
License : GPLv2 and LGPLv2
Signature : RSA/SHA1, Fri 06 Apr 2012 11:41:10 AM CDT, Key ID b742fa8b80420f66
Source RPM : sweeper-4.8.2-1.mga2.src.rpm
Build Date : Fri 06 Apr 2012 11:38:44 AM CDT
Build Host : ecosse.mageia.org
Relocations : (not relocatable)
Packager : tmb <tmb>
Vendor : Mageia.Org
URL : http://www.kde.org/applications/utilities/sweeper/
Summary : KDE System Cleaner

How reproducible:
run program in commend line
execute the program with no network connections, you will get an error saying on the command line that it was trying to connect to the web.

The following is the error reported back to you in the command line terminal using standard user acct

-----------------------------------------------------------------------

_IceTransSocketUNIXConnect: Cannot Connect to non-local host localhost
_IceTransSocketUNIXConnect: Cannot Connect to non-local host localhost
Qt: Session management error: Could not open network socket

After connection if you log into root terminal and run mcc command it will say that root x is not running.

After running this program i rebooted the system and it failed to shut down.
After rebooting changes were noticed in the mcc security settings. Remote root was selected as on without password. The security changes have been noted on only one system, and I was not able to reproduce them on the other computer I tested at this time.

However the root x display system went down on both systems and was duplicated.
You can duplicate this by logging into root using the su - command in a new command prompt run the mcc command. This should display the x version of mcc in your local user x session and it says root x is turned off.

The question is why is sweeper trying to access the web, this program has never done this in the past under the other linux distros I have tested.
results show that it may be a possible back door, or trojan to gain access to user account.

At this point in time I have not checked the log files of the systems effected with this fault. And I have not done a packet stiff to see what the data is, that is being sent out.

This is a critical problem and needs to be duplicated on other systems than just the two i have tested so far.

Comment 1 Remco Rijnders 2012-06-23 09:34:06 CEST

Hi Roger,

It looks like sweeper is trying to connect to "localhost", being your own computer. I do not know why it is doing this, but will note that local sockets are a common and normal way for processes on a unix box to communicate with each other. I have the feeling this might be a bit of a red herring we're looking at and that the other observed issues are unrelated to running sweeper.

@tmb, any ideas?

CC: (none) => tmb
Summary: Sends data over the web when executed. => sweeper, sends data over the net when running

Manuel Hiebel 2012-06-25 03:08:24 CEST

Assignee: bugsquad => balcaen.john
Severity: critical => major

Comment 2 Manuel Hiebel 2013-10-22 12:11:39 CEST

This message is a reminder that Mageia 2 is nearing its end of life.
Approximately one month from now Mageia will stop maintaining and issuing updates for Mageia 2. At that time this bug will be closed as WONTFIX (EOL) if it remains open with a Mageia 'version' of '2'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version prior to Mageia 2's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Mageia 2 is end of life.  If you would still like to see this bug fixed and are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia.

Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete.

-- 
The Mageia Bugsquad

Comment 3 Manuel Hiebel 2013-11-23 16:14:52 CET

Mageia 2 changed to end-of-life (EOL) status on ''22 November''. Mageia 2 is no
longer maintained, which means that it will not receive any further security or
bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of Mageia
please feel free to click on "Version" change it against that version of Mageia
and reopen this bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

--
The Mageia Bugsquad

Status: NEW => RESOLVED
Resolution: (none) => OLD

Note You need to log in before you can comment on or make changes to this bug.