exploits , vulnerabilities , articles , KDE KDM Unspecified Password Authentication Bypass Vulnerability

Title	KDE KDM Unspecified Password Authentication Bypass Vulnerability
Published	2007-09-19-12:00AM
Updated	2007-10-24-03:07PM
Class	Access Validation Error
CVE	CVE-2007-4569
Remote	No
Local	Yes
Credit	Kees Huijgen is credited with the discovery of this vulnerability.
Vulnerable	Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 SuSE SLES 9 SuSE SLES 8 SuSE SLES 10 SuSE openSUSE 10.3 SuSE openSUSE 10.2 SuSE Linux 10.1 SuSE Linux 10.0 Slackware Linux 12.0 rPath rPath Linux 1 RedHat Fedora Core7 0 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux Desktop version 4 RedHat Enterprise Linux 5 server MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 KDE KDE 3.5.7 KDE KDE 3.5.6 KDE KDE 3.5.5 KDE KDE 3.5.4 KDE KDE 3.5.3 KDE KDE 3.5.2 KDE KDE 3.5.1 KDE KDE 3.5 KDE KDE 3.4.3 Gentoo Linux KDE KDE 3.4.2 KDE KDE 3.4.1 RedHat Fedora Core4 RedHat Fedora Core4 KDE KDE 3.4 KDE KDE 3.3.2 Debian Linux 3.1 sparc Debian Linux 3.1 sparc Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 s/390 Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 ppc Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mipsel Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 mips Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 m68k Debian Linux 3.1 m68k Debian Linux 3.1 ia64 Debian Linux 3.1 ia64 Debian Linux 3.1 ia64 Debian Linux 3.1 ia32 Debian Linux 3.1 ia32 Debian Linux 3.1 ia32 Debian Linux 3.1 hppa Debian Linux 3.1 hppa Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 arm Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 amd64 Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 alpha Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 3.1 Debian Linux 3.1 KDE KDE 3.3.1 RedHat Fedora Core3 RedHat Fedora Core3 KDE KDE 3.3 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0
Not Vulnerable
Code	A specific exploit is not required. An attacker simply needs to know a valid username.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-17 Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
• 2009-12-17 Mozilla Firefox and Sea Monkey Insecure Protocol Location Bar Spoofing Vulnerability
• 2009-12-17 Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
• 2009-12-17 Mozilla Firefox/SeaMonkey GeckoActiveXObject Exception Message COM Object Enumeration Vulnerability
• 2009-12-16 ZABBIX Denial Of Service and SQL Injection Vulnerabilities
• 2009-12-16 IBM WebSphere Application Server JNDI Remote Information Disclosure Vulnerability
• 2009-12-16 Horde Application Framework Administration Interface Cross-Site Scripting Vulnerability
• 2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
• 2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
• 2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 10:39:08 +0000