VDB
CVE-2003-0690
CVE-2003-0690
PUBLISHED
Reported by mitre · Published September 18, 2003
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, *, * |
Timeline
- Sep 18, 2003 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- CLA-2003:747 vendor-advisoryx_refsource_CONECTIVA
- oval:org.mitre.oval:def:193 vdb-entrysignaturex_refsource_OVAL
- 20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities mailing-listx_refsource_BUGTRAQ
- DSA-443 vendor-advisoryx_refsource_DEBIAN
- RHSA-2003:289 vendor-advisoryx_refsource_REDHAT
- x_refsource_MISC
- RHSA-2003:287 vendor-advisoryx_refsource_REDHAT
- RHSA-2003:270 vendor-advisoryx_refsource_REDHAT
- RHSA-2003:286 vendor-advisoryx_refsource_REDHAT
- DSA-388 vendor-advisoryx_refsource_DEBIAN
- MDKSA-2003:091 vendor-advisoryx_refsource_MANDRAKE
- x_refsource_CONFIRM
- RHSA-2003:288 vendor-advisoryx_refsource_REDHAT