CVE-2007-4569
KDE 3.3.0-3.5.7 - Unauthenticated Login Bypass via KDM Autologin
Title source: llmDescription
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
References (25)
Core 25
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27271
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200710-15.xml
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26904
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26894
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2007/dsa-1376
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0905.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27180
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26915
Patch, Vendor Advisory x_refsource_confirm
http://www.kde.org/info/security/advisory-20070919-1.txt
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3227
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26977
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27106
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26929
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27089
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27096
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1018724
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-517-1
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25730
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-1725
Scores
EPSS
0.0052
EPSS Percentile
66.9%
Details
CWE
CWE-264
Status
published
Products (18)
kde/kde
3.3
kde/kde
3.3.0
kde/kde
3.3.1
kde/kde
3.3.2
kde/kde
3.4
kde/kde
3.4.0
kde/kde
3.4.1
kde/kde
3.4.2
kde/kde
3.4.3
kde/kde
3.5
... and 8 more
Published
Sep 21, 2007
Tracked Since
Feb 18, 2026