CVE-2003-0692 in KDEinfo

Summary

KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.

Reservation

08/14/2003

Disclosure

10/06/2003

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
20849	KDE Session Cookie improper authentication	287	Not defined	Not defined	CVE-2003-0692
289	XFree86 Session Cookie		Not defined	Official fix	CVE-2003-0692

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!