CVE-2003-0690

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

Date published : 2003-09-18

http://marc.info/?l=bugtraq&m=106374551513499&w=2

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747