KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-09-18T04:00:00
Updated: 2024-08-08T02:05:12.653Z
Reserved: 2003-08-14T00:00:00
Link: CVE-2003-0692
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-10-06T04:00:00.000
Modified: 2024-11-20T23:45:18.717
Link: CVE-2003-0692
Redhat