CVE-2003-0692 — Vulnetix

CVE-2003-0692 PUBLISHED

Reported by mitre · Published September 18, 2003

KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, *

Timeline

Sep 18, 2003 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
May 25, 2023 EPSS Score

References

CLA-2003:747 vendor-advisoryx_refsource_CONECTIVA
20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities mailing-listx_refsource_BUGTRAQ
oval:org.mitre.oval:def:215 vdb-entrysignaturex_refsource_OVAL
x_refsource_MISC
RHSA-2003:270 vendor-advisoryx_refsource_REDHAT
DSA-388 vendor-advisoryx_refsource_DEBIAN
MDKSA-2003:091 vendor-advisoryx_refsource_MANDRAKE
x_refsource_CONFIRM
RHSA-2003:288 vendor-advisoryx_refsource_REDHAT

Open in Interactive Console →