Spotlight | Reviews | Current Issue | Newsletter | Subscribe | Contact |
News
Features
Blogs
RSS Feeds
White Papers
Conference Videos
Departments
Current Issue
Special Editions
Spotlight
Reviews
LUGs
Event Calendar
Archives
Article Code

user friendly

  linux-magazine.com » Online » News » Login Vulnerability in KDE 3.3.0 through 3.5.7  

Print this page. Recommend
Slashdot it! Delicious Digg

Login Vulnerability in KDE 3.3.0 through 3.5.7

Sep 20, 2007

The KDE Display Manager (KDM) can be exploited to allow users to log in without a password. This would give users the ability to log in as other users or even root.

The threat affects password-protected accounts in specific conditions; for example if auto-login is configured and the function "shutdown with password" is enabled. The vulnerability which as been assigned the CVE ID 2007-4569 was disclosed on the KDE Announce mailing list.

It affects KDE versions 3.3.0 through 3.5.7. Older or newer versions are not affected. Source code patches are available for KDE 3.5.0 through KDE 3.5.7 and for KDE 3.3.0 through KDE 3.4.2 on the KDE project's FTP server.

(Anika Kehrer)

Comments


Print this page. Recommend
Slashdot it! Delicious Digg
Related Articles
Moving Towards KDE: Apple Opens WebKit for External Developers
New KDE Forum
KDE 4 Released
Qt Developer Days: Previews of Qt 4.5 and 4.6
KDE 4 unveiled to the public - 4.1 to appear in July 2008
Russian Schools To Use Free Software
No More Downloads!

Save the download and take Linux Magazine DVDs instead.

Each DVD contains a full distro like Ubuntu, SUSE, Mandriva, Fedora, or Debian and comes with the corresponding issue of Linux Magazine.

Don't waste time downloading Linux!

more...

 

In the US and Canada, Linux Magazine is known as Linux Pro Magazine.
Entire contents © 2008 [Linux New Media USA, LLC]
Linux New Media web sites:
North America: [Linux Pro Magazine]
UK/Worldwide: [Linux Magazine]
Germany: [Linux-Magazin] [LinuxUser] [EasyLinux] [Linux-Community] [Linux-Nachrichten] [Linux Events]
Eastern Europe: [Linux Magazine Poland] [Linux Community Poland] [Darmowe Programy Poland] [Open Source DVD Poland] [Linux Magazin Romania]
International: [Linux Magazine Brazil] [Linux Magazine Spanish]
Corporate: [Linux New Media AG]