Login Vulnerability in KDE 3.3.0 through 3.5.7

Sep 20, 2007

Anika Kehrer

The KDE Display Manager (KDM) can be exploited to allow users to log in without a password. This would give users the ability to log in as other users or even root.

The threat affects password-protected accounts in specific conditions; for example if auto-login is configured and the function "shutdown with password" is enabled. The vulnerability which as been assigned the CVE ID 2007-4569 was disclosed on the KDE Announce mailing list.

It affects KDE versions 3.3.0 through 3.5.7. Older or newer versions are not affected. Source code patches are available for KDE 3.5.0 through KDE 3.5.7 and for KDE 3.3.0 through KDE 3.4.2 on the KDE project's FTP server.

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

News

Linux Mint 22.3 Now Available with New Tools

Administration , Linux mint , Tools

Linux Mint 22.3 has been released with a pair of new tools for system admins and some pretty cool new features.
New Linux Malware Targets Cloud-Based Linux Installations

Cloud , Linux , malware

VoidLink, a new Linux malware, should be of real concern because of its stealth and customization.
Say Goodbye to Middle-Mouse Paste

Firefox , Gnome , Security

Both Gnome and Firefox have proposed getting rid of a long-time favorite Linux feature.
Manjaro 26.0 Primary Desktop Environments Default to Wayland

Desktop , Manjaro Linux , Wayland

If you want to stick with X.Org, you'll be limited to the desktop environments you can choose.
Mozilla Plans to AI-ify Firefox

Artificial Inte... , Firefox , privacy

With a new CEO in control, Mozilla is doubling down on a strategy of trust, all the while leaning into AI.
Gnome Says No to AI-Generated Extensions

Artificial Inte... , Gnome , LLM

If you're a developer wanting to create a new Gnome extension, you'd best set aside that AI code generator, because the extension team will have none of that.
Parrot OS Switches to KDE Plasma Desktop

Linux , Parrot OS , Plasma

Yet another distro is making the move to the KDE Plasma desktop.
TUXEDO Announces Gemini 17

Hardware , laptop , Linux

TUXEDO Computers has released the fourth generation of its Gemini laptop with plenty of updates.
Two New Distros Adopt Enlightenment

Desktop , Enlightenment , Linux

MX Moksha and AV Linux 25 join ranks with Bodhi Linux and embrace the Enlightenment desktop.
Solus Linux 4.8 Removes Python 2

Operating Systems , Python , Solus Linux

Solus Linux 4.8 has been released with the latest Linux kernel, updated desktops, and a key removal.

Login Vulnerability in KDE 3.3.0 through 3.5.7

Related content

Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

News

Linux Mint 22.3 Now Available with New Tools

New Linux Malware Targets Cloud-Based Linux Installations

Say Goodbye to Middle-Mouse Paste

Manjaro 26.0 Primary Desktop Environments Default to Wayland

Mozilla Plans to AI-ify Firefox

Gnome Says No to AI-Generated Extensions

Parrot OS Switches to KDE Plasma Desktop

TUXEDO Announces Gemini 17

Two New Distros Adopt Enlightenment

Solus Linux 4.8 Removes Python 2

Login Vulnerability in KDE 3.3.0 through 3.5.7

Related content

Subscribe to our Linux Newsletters Find Linux and Open Source Jobs Subscribe to our ADMIN Newsletters

Support Our Work

News

Tag Cloud

Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters