CVE-2003-0690
published 2003-10-06

Priority: P4 · 33 · critical · 10 · CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 2.65% (83.7th percentile)

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module.

Affected

27 ranges · showing 25
Vendor · Product · Version range · Fixed in
kde · kde

CVSS provenance

nvd · v2.0 · 10.0 · CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat · 10.0 · CRITICAL