CVE-2007-4569

EPSS 0.2%
Veröffentlicht 21.09.2007 19:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 28

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Kde ≫ Kde Version3.3

Kde ≫ Kde Version3.3.0

Kde ≫ Kde Version3.3.1

Kde ≫ Kde Version3.3.2

Kde ≫ Kde Version3.4

Kde ≫ Kde Version3.4.0

Kde ≫ Kde Version3.4.1

Kde ≫ Kde Version3.4.2

Kde ≫ Kde Version3.4.3

Kde ≫ Kde Version3.5

Kde ≫ Kde Version3.5.0

Kde ≫ Kde Version3.5.1

Kde ≫ Kde Version3.5.2

Kde ≫ Kde Version3.5.3

Kde ≫ Kde Version3.5.4

Kde ≫ Kde Version3.5.5

Kde ≫ Kde Version3.5.6

Kde ≫ Kde Version3.5.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.388

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	3.1	10	AV:L/AC:L/Au:S/C:C/I:C/A:C

http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html

http://secunia.com/advisories/27271

http://secunia.com/advisories/27089

http://secunia.com/advisories/27096

http://secunia.com/advisories/27106

http://www.redhat.com/support/errata/RHSA-2007-0905.html

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html

http://secunia.com/advisories/26894

http://secunia.com/advisories/26904

http://secunia.com/advisories/26915

http://secunia.com/advisories/26929

http://secunia.com/advisories/26977

http://secunia.com/advisories/27180

http://security.gentoo.org/glsa/glsa-200710-15.xml

http://securitytracker.com/id?1018724

http://www.debian.org/security/2007/dsa-1376

http://www.kde.org/info/security/advisory-20070919-1.txt

Patch

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:190

http://www.securityfocus.com/bid/25730

Patch

http://www.ubuntu.com/usn/usn-517-1

http://www.vupen.com/english/advisories/2007/3227

https://exchange.xforce.ibmcloud.com/vulnerabilities/36711

https://issues.rpath.com/browse/RPL-1725

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359

https://nvd.nist.gov/vuln/detail/CVE-2007-4569

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4569

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4569

EUVD