Mandrake alert: Updated kdebase packages fix vulnerabilities in KDM
A vulnerability was discovered in all versions of KDE 2.2.0 up to and including 3.1.3. KDM does not check for successful completion of the pam_setcred() call and in the case of error conditions in the installed PAM modules, KDM may grant local root access to any user with valid login credentials. It has been reported to the KDE team that a certain configuration of the MIT pam_krb5 module can result in a failing pam_setcred() call which leaves the session alive and would provide root access to any regular user. It is also possible that this vulnerability can likewise be exploited with other PAM modules in a similar manner.
-----BEGIN PGP SIGNED MESSAGE-----
Mandrake Linux Security Update Advisory
Package name: kdebase
Advisory ID: MDKSA-2003:091
Date: September 16th, 2003
Affected versions: 9.0, 9.1, Corporate Server 2.1
A vulnerability was discovered in all versions of KDE 2.2.0 up to and
including 3.1.3. KDM does not check for successful completion of the
pam_setcred() call and in the case of error conditions in the installed
PAM modules, KDM may grant local root access to any user with valid
login credentials. It has been reported to the KDE team that a certain
configuration of the MIT pam_krb5 module can result in a failing
pam_setcred() call which leaves the session alive and would provide root
access to any regular user. It is also possible that this vulnerability
can likewise be exploited with other PAM modules in a similar manner.
Another vulnerability was discovered in kdm where the cookie session
generating algorithm was considered too weak to supply a full 128 bits
of entropy. This allowed unauthorized users to brute-force the session
mdkkdm, a specialized version of kdm, is likewise vulnerable to these
problems and has been patched as well.
Corporate Server 2.1:
Corporate Server 2.1/x86_64:
Mandrake Linux 9.0:
Mandrake Linux 9.1:
Mandrake Linux 9.1/PPC:
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
To upgrade automatically, use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
A list of FTP mirrors can be obtained from:
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team by executing:
gpg --recv-keys --keyserver http://www.mandrakesecure.net 0x22458A98
Please be aware that sometimes it takes the mirrors a few hours to
You can view other update advisories for Mandrake Linux at:
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
If you want to report vulnerabilities, please contact
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
-----END PGP SIGNATURE-----
This topic does not have any threads posted yet!
You cannot post until you login.