$arr_19 ), array( 3, false, $arr_20, $arr_24 ), array( 2, false, "\" />", $arr_25 ) ) ); ?> $arr_27 ), array( 3, false, $arr_28, $arr_30 ), array( 2, false, "\" />\n\n", $arr_31 ) ) ); ?> array( 2, false, false, $arr_9 ), array( 4, $arr_10, "if", $arr_245, $arr_248 ), array( 2, false, "\n", $arr_249 ) ) ); ?> rr_466 ), array( 4, $arr_467, "if", $arr_482, $arr_484 ), array( 2, false, "\n", $arr_485 ) ) ); ?> Login Vulnerability in KDE 3.3.0 through 3.5.7 » Linux Magazine
 

Login Vulnerability in KDE 3.3.0 through 3.5.7

Sep 20, 2007

The KDE Display Manager (KDM) can be exploited to allow users to log in without a password. This would give users the ability to log in as other users or even root.

The threat affects password-protected accounts in specific conditions; for example if auto-login is configured and the function "shutdown with password" is enabled. The vulnerability which as been assigned the CVE ID 2007-4569 was disclosed on the KDE Announce mailing list.

It affects KDE versions 3.3.0 through 3.5.7. Older or newer versions are not affected. Source code patches are available for KDE 3.5.0 through KDE 3.5.7 and for KDE 3.3.0 through KDE 3.4.2 on the KDE project's FTP server.

comments powered by Disqus

Issue 152/2013

Tag Cloud

Bruce Byfield Gnome KDE Kernel Linux Linux Pro Magazine Open Source Projects Red Hat Ubuntu events foss free software google

News