CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

Product Status

Learn more

Information not provided

References 13 Total

distro.conectiva.com.br: CLA-2003:747
external site
vendor-advisory
oval.cisecurity.org: oval:org.mitre.oval:def:193
external site
vdb-entrysignature
marc.info: 20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities
external site
mailing-list
debian.org: DSA-443
external site
vendor-advisory
redhat.com: RHSA-2003:289
external site
vendor-advisory
http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html
external site
redhat.com: RHSA-2003:287
external site
vendor-advisory
redhat.com: RHSA-2003:270
external site
vendor-advisory
redhat.com: RHSA-2003:286
external site
vendor-advisory
debian.org: DSA-388
external site
vendor-advisory
mandriva.com: MDKSA-2003:091
external site
vendor-advisory
http://www.kde.org/info/security/advisory-20030916-1.txt
external site
redhat.com: RHSA-2003:288
external site
vendor-advisory

Updated: 2024-08-08

This container includes required additional information provided by the CVE Program for this vulnerability.

References 13 Total

distro.conectiva.com.br: CLA-2003:747
external site
vendor-advisoryx_transferred
oval.cisecurity.org: oval:org.mitre.oval:def:193
external site
vdb-entrysignaturex_transferred
marc.info: 20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities
external site
mailing-listx_transferred
debian.org: DSA-443
external site
vendor-advisoryx_transferred
redhat.com: RHSA-2003:289
external site
vendor-advisoryx_transferred
http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html
external site
x_transferred
redhat.com: RHSA-2003:287
external site
vendor-advisoryx_transferred
redhat.com: RHSA-2003:270
external site
vendor-advisoryx_transferred
redhat.com: RHSA-2003:286
external site
vendor-advisoryx_transferred
debian.org: DSA-388
external site
vendor-advisoryx_transferred
mandriva.com: MDKSA-2003:091
external site
vendor-advisoryx_transferred
http://www.kde.org/info/security/advisory-20030916-1.txt
external site
x_transferred
redhat.com: RHSA-2003:288
external site
vendor-advisoryx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 13 Total

CVE Program

References 13 Total