Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-4132

Опубликовано: 16 сент. 2013
Источник: debian
EPSS Низкий

Описание

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
kde-workspacefixed4:4.10.5-3package
kde-workspacenot-affectedwheezypackage
kdebase-workspacenot-affectedpackage

Примечания

  • https://git.reviewboard.kde.org/r/111261/

  • https://projects.kde.org/projects/kde/kde-workspace/repository/revisions/45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7

  • only relevant with eglibc >= 2.17.

EPSS

Процентиль: 74%
0.00832
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2013-4132

ubuntu
больше 12 лет назад

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.

redhat логотип

CVE-2013-4132

redhat
больше 12 лет назад

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.

nvd логотип

CVE-2013-4132

nvd
больше 12 лет назад

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.

github логотип

GHSA-4vrh-wr8w-rqg2

github
больше 3 лет назад

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass.

EPSS

Процентиль: 74%
0.00832
Низкий
Уязвимость CVE-2013-4132