6.8

CVE-2007-4569

backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KdeKde Version3.3
KdeKde Version3.3.0
KdeKde Version3.3.1
KdeKde Version3.3.2
KdeKde Version3.4
KdeKde Version3.4.0
KdeKde Version3.4.1
KdeKde Version3.4.2
KdeKde Version3.4.3
KdeKde Version3.5
KdeKde Version3.5.0
KdeKde Version3.5.1
KdeKde Version3.5.2
KdeKde Version3.5.3
KdeKde Version3.5.4
KdeKde Version3.5.5
KdeKde Version3.5.6
KdeKde Version3.5.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.02% 0.587
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 3.1 10
AV:L/AC:L/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://secunia.com/advisories/27271
http://secunia.com/advisories/27089
http://secunia.com/advisories/27096
http://secunia.com/advisories/27106
http://www.redhat.com/support/errata/RHSA-2007-0905.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
http://secunia.com/advisories/26894
http://secunia.com/advisories/26904
http://secunia.com/advisories/26915
http://secunia.com/advisories/26929
http://secunia.com/advisories/26977
http://secunia.com/advisories/27180
http://security.gentoo.org/glsa/glsa-200710-15.xml
http://securitytracker.com/id?1018724
http://www.debian.org/security/2007/dsa-1376
http://www.kde.org/info/security/advisory-20070919-1.txt
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
http://www.securityfocus.com/bid/25730
Patch
http://www.ubuntu.com/usn/usn-517-1
http://www.vupen.com/english/advisories/2007/3227
https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
https://issues.rpath.com/browse/RPL-1725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359