Mandrake Linux Security Advisory : kdebase (MDKSA-2007:190)

A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C Tenable Network Security,...

XFree86: xdm flaw; present in kdm

Hi, Just a minor one this. Discovered during a 5 minute pass of "xdm". I subsequently discovered "kdm" has copied the xdm core xdmcp code. I'm posting this because I think Caldera released an advisory, but a general discussion of the problem did not yet appear on Bugtraq. Further audit of kdm/xdm...