CVE-2003-0692

N/A Unknown

Published: October 06, 2003 Modified: April 16, 2026

Description

KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=106374551513499&w=2

Source: cve@mitre.org

http://www.debian.org/security/2003/dsa-388

Source: cve@mitre.org

Patch Vendor Advisory

http://www.kde.org/info/security/advisory-20030916-1.txt

Source: cve@mitre.org

Patch Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2003:091

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-270.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2003-288.html

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A215

Source: cve@mitre.org

http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html