CVE-2003-0690

CVE-2003-0690 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

Learn more about our Web Application Penetration Testing UK.