CVE-2003-0692
 
- Severity Score: 7.5 (CVSS v2)
- Public Exploits: 0 (multiple sources)
- Exploited in Wild: - (KEV)
- Decision: - (SSVC)
Descriptions
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
Credits: N/A
Timeline
- 2003-08-14 CVE Reserved
- 2003-09-18 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-08 CVE Updated
References (11)
URL | Tag | Source |
---|---|---|
http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html | X_refsource_misc | |
http://marc.info/?l=bugtraq&m=106374551513499&w=2 | Mailing List | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215 | Signature | |

URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2003/dsa-388 | 2017-10-11 | |
http://www.kde.org/info/security/advisory-20030916-1.txt | 2017-10-11 | |
http://www.redhat.com/support/errata/RHSA-2003-270.html | 2017-10-11 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Kde | Kde | 1.1 | - | Affected |
Kde | Kde | 1.1.1 | - | Affected |
Kde | Kde | 1.1.2 | - | Affected |
Kde | Kde | 1.2 | - | Affected |
Kde | Kde | 2.0 | - | Affected |
Kde | Kde | 2.0.1 | - | Affected |
Kde | Kde | 2.0_beta | - | Affected |
Kde | Kde | 2.1 | - | Affected |
Kde | Kde | 2.1.1 | - | Affected |
Kde | Kde | 2.1.2 | - | Affected |
Kde | Kde | 2.2 | - | Affected |
Kde | Kde | 2.2.1 | - | Affected |
Kde | Kde | 2.2.2 | - | Affected |
Kde | Kde | 3.0 | - | Affected |
Kde | Kde | 3.0.1 | - | Affected |
Kde | Kde | 3.0.2 | - | Affected |
Kde | Kde | 3.0.3 | - | Affected |
Kde | Kde | 3.0.3a | - | Affected |
Kde | Kde | 3.0.4 | - | Affected |
Kde | Kde | 3.0.5 | - | Affected |
Kde | Kde | 3.0.5a | - | Affected |
Kde | Kde | 3.0.5b | - | Affected |
Kde | Kde | 3.1 | - | Affected |
Kde | Kde | 3.1.1 | - | Affected |
Kde | Kde | 3.1.1a | - | Affected |
Kde | Kde | 3.1.2 | - | Affected |
Kde | Kde | 3.1.3 | - | Affected |