Oval Definition:oval:org.mitre.oval:def:193
Revision Date:2007-04-25Version:18
Title:KDM pam_setcred Privilege Escalation Vulnerability
Description:KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0690
Platform(s):Red Hat Linux 9
Product(s):KDM
Definition Synopsis
  • Software section
  • Red Hat 9 is installed
  • AND ix86 architecture
  • AND kdebase version is less than 3.1-15
  • AND Configuration section
  • /usr/bin/kdm is executable
  • /usr/bin/kdm is executable
  • OR /usr/bin/kdm is executable
  • OR /usr/bin/kdm is executable
  • BACK