what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2007-4569

Status Candidate

Overview

backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 200710-15
Posted Oct 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-15 - Kees Huijgen discovered an error when checking the credentials which can lead to a login without specifying a password. This only occurs when auto login is configured for at least one user and a password is required to shut down the machine. Versions less than 3.5.7-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4569
SHA-256 | e6bc177e9d92d66ab70607d57bf4f3331b6dca6dd6d0981a73fb4dd471b22b02
Mandriva Linux Security Advisory 2007.190
Posted Sep 30, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.

tags | advisory
systems | linux, mandriva
advisories | CVE-2007-4569
SHA-256 | 282e85a63e64b85c7cc421aee20e564b2296562cd10fd53bc8702125c618ef7f
Ubuntu Security Notice 517-1
Posted Sep 25, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 517-1 - It was discovered that KDM would allow logins without password checks under certain circumstances. If autologin was configured, and "shutdown with password" enabled, a local user could exploit the problem and gain root privileges.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2007-4569
SHA-256 | 2e499c39af92314ba00ebfd200df3e288acfad726cd2c6476eb83f94de02fa4b
Debian Linux Security Advisory 1376-1
Posted Sep 25, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1376-1 - iKees Huijgen discovered that under certain circumstances KDM, an X session manage for KDE, it is possible for KDM to be tricked into allowing user logins without a password.

tags | advisory
systems | linux, debian
advisories | CVE-2007-4569
SHA-256 | 490fbb9332aa848c9c36f0ac94c6af9792e5dd2a801cddb4ffdff130febedee3
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close