
CVE-2003-0690

Published: 06/10/2003 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

KDM in KDE 3.1.3 and previous versions does not verify whether the pam_setcred function call succeeds, which may allow malicious users to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

Vulnerable Product

kde kde 1.1

kde kde 1.1.1

kde kde 2.1.1

kde kde 2.1.2

kde kde 3.0.3a

kde kde 3.0.4

kde kde 3.1.2

kde kde 3.1.3

kde kde 2.0

kde kde 2.0.1

kde kde 3.0

kde kde 3.0.1

kde kde 3.0.5b

kde kde 3.1

kde kde 2.0_beta

kde kde 2.1

kde kde 3.0.2

kde kde 3.0.3

kde kde 3.1.1

kde kde 3.1.1a

kde kde 1.1.2

kde kde 1.2

kde kde 2.2

kde kde 2.2.1

kde kde 2.2.2

kde kde 3.0.5

kde kde 3.0.5a

Vendor Advisories

Two vulnerabilities were discovered in kdebase: CAN-2003-0690: KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. CAN-2003-0692: ...

A number of vulnerabilities have been discovered in XFree86. The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project: CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary cod ...