CVE-2007-4569
N/A
N/A
Summary
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/27271
- http://security.gentoo.org/glsa/glsa-200710-15.xml
- http://secunia.com/advisories/26904
- http://secunia.com/advisories/26894
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
- http://www.debian.org/security/2007/dsa-1376
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
- http://www.redhat.com/support/errata/RHSA-2007-0905.html
- http://secunia.com/advisories/27180
- http://secunia.com/advisories/26915
- http://www.kde.org/info/security/advisory-20070919-1.txt
- http://www.vupen.com/english/advisories/2007/3227
- http://secunia.com/advisories/26977
- http://secunia.com/advisories/27106
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359
- http://secunia.com/advisories/26929
- http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
- http://secunia.com/advisories/27089
- http://secunia.com/advisories/27096
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
- http://securitytracker.com/id?1018724
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
- http://www.ubuntu.com/usn/usn-517-1
- http://www.securityfocus.com/bid/25730
- https://issues.rpath.com/browse/RPL-1725
References
- http://secunia.com/advisories/27271
- http://security.gentoo.org/glsa/glsa-200710-15.xml
- http://secunia.com/advisories/26904
- http://secunia.com/advisories/26894
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
- http://www.debian.org/security/2007/dsa-1376
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
- http://www.redhat.com/support/errata/RHSA-2007-0905.html
- http://secunia.com/advisories/27180
- http://secunia.com/advisories/26915
- http://www.kde.org/info/security/advisory-20070919-1.txt
- http://www.vupen.com/english/advisories/2007/3227
- http://secunia.com/advisories/26977
- http://secunia.com/advisories/27106
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359
- http://secunia.com/advisories/26929
- http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
- http://secunia.com/advisories/27089
- http://secunia.com/advisories/27096
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
- http://securitytracker.com/id?1018724
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
- http://www.ubuntu.com/usn/usn-517-1
- http://www.securityfocus.com/bid/25730
- https://issues.rpath.com/browse/RPL-1725
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.