Lucene search
UbuntuUSN-517-1HistorySep 25, 2007 - 12:00 a.m.
kdm vulnerability
2007-09-2500:00:00
ubuntu.com
35
Releases
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Packages
- kdebase -
Details
It was discovered that KDM would allow logins without password checks
under certain circumstances. If autologin was configured, and “shutdown
with password” enabled, a local user could exploit the problem and gain
root privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 7.04 | noarch | kdm | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kappfinder | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kate | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kcontrol | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kdebase-bin | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kdebase-dbg | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kdebase-dev | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kdebase-kio-plugins | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kdepasswd | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
| Ubuntu | 7.04 | noarch | kdeprint | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
References
Related
openvas
openvas
Mandriva Update for kdebase MDKSA-2007:190 (kdebase)
2009-04-09 00:00:00
FreeBSD Ports: kdebase3
2008-09-04 00:00:00
Mandriva Update for kdebase MDKSA-2007:190 (kdebase)
2009-04-09 00:00:00
nessus
nessus
GLSA-200710-15 : KDM: Local privilege escalation
2007-10-15 00:00:00
Mandrake Linux Security Advisory : kdebase (MDKSA-2007:190)
2007-10-03 00:00:00
Debian DSA-1376-1 : kdebase - programming error
2007-09-24 00:00:00
securityvulns
securityvulns
[USN-517-1] kdm vulnerability
2007-09-25 00:00:00
KDE kdm privilege escalation
2007-09-25 00:00:00
debian
debian
[SECURITY] [DSA 1376-1] New kdebase packages fix authentication bypass
2007-09-21 00:00:00
cve
cve
CVE-2007-4569
2007-09-21 19:17:00
osv
osv
kdebase - programming error
2007-09-21 00:00:00
veracode
veracode
Authentication Bypass
2020-04-10 00:20:42
prion
prion
Design/Logic Flaw
2007-09-21 19:17:00
ubuntucve
ubuntucve
CVE-2007-4569
2007-09-21 00:00:00
gentoo
gentoo
KDM: Local privilege escalation
2007-10-14 00:00:00
freebsd
freebsd
kdm -- passwordless login vulnerability
2007-09-19 00:00:00
redhat
redhat
(RHSA-2007:0905) Moderate: kdebase security update
2007-10-08 00:00:00
centos
centos
kdebase security update
2007-10-08 18:50:43
fedora
fedora
[SECURITY] Fedora Core 6 Update: kdebase-3.5.7-1.fc6
2007-10-08 13:58:41
[SECURITY] Fedora 7 Update: kdebase-3.5.7-13.1.fc7
2007-10-04 18:43:48
[SECURITY] Fedora 7 Update: kdebase-3.5.8-3.fc7
2007-11-13 00:05:02
oraclelinux
oraclelinux
Moderate: kdebase security update
2007-10-08 00:00:00
slackware
slackware
[slackware-security] kdebase, kdelibs
2007-09-22 00:42:42