Your submission was sent successfully! Close

USN-517-1: kdm vulnerability

25 September 2007

kdm vulnerability

Releases

Packages

Details

It was discovered that KDM would allow logins without password checks
under certain circumstances. If autologin was configured, and "shutdown
with password" enabled, a local user could exploit the problem and gain
root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References