Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2003-0690

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

Related bugs and status

CVE-2003-0690 (Candidate) is related to these bugs:

Bug #34436: [r128] XVideo output distorted/stretched on Mobility M4

Summary				In	Importance	Status
	34436	[r128] XVideo output distorted/stretched on Mobility M4		xserver-xorg-video-ati (Ubuntu)	Medium	Invalid
	34436	[r128] XVideo output distorted/stretched on Mobility M4		Debian	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://cert.uni-stuttg...
CONFIRM: http://www.kde.org/inf...
DEBIAN: DSA-388
DEBIAN: DSA-443
REDHAT: RHSA-2003:270
REDHAT: RHSA-2003:286
REDHAT: RHSA-2003:289
REDHAT: RHSA-2003:287
REDHAT: RHSA-2003:288
MANDRAKE: MDKSA-2003:091
BUGTRAQ: 20030916 [KDE SECURITY...
CONECTIVA: CLA-2003:747
OVAL: oval:org.mitre.oval:de...