CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
74.3%
It was discovered that KDM would allow logins without password checks
under certain circumstances. If autologin was configured, and “shutdown
with password” enabled, a local user could exploit the problem and gain
root privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 7.04 | noarch | kdm | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kappfinder | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kate | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kcontrol | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kdebase-bin | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kdebase-dbg | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kdebase-dev | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kdebase-kio-plugins | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kdepasswd | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |
Ubuntu | 7.04 | noarch | kdeprint | < 4:3.5.6-0ubuntu20.4 | UNKNOWN |