Debian Security Advisory 1376-1 - iKees Huijgen discovered that under certain circumstances KDM, an X session manage for KDE, it is possible for KDM to be tricked into allowing user logins without a password.
490fbb9332aa848c9c36f0ac94c6af9792e5dd2a801cddb4ffdff130febedee3