Gentoo Linux Security Advisory GLSA 200710-15 - Kees Huijgen discovered an error when checking the credentials which can lead to a login without specifying a password. This only occurs when auto login is configured for at least one user and a password is required to shut down the machine. Versions less than 3.5.7-r2 are affected.
e6bc177e9d92d66ab70607d57bf4f3331b6dca6dd6d0981a73fb4dd471b22b02
Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.
282e85a63e64b85c7cc421aee20e564b2296562cd10fd53bc8702125c618ef7f
Ubuntu Security Notice 517-1 - It was discovered that KDM would allow logins without password checks under certain circumstances. If autologin was configured, and "shutdown with password" enabled, a local user could exploit the problem and gain root privileges.
2e499c39af92314ba00ebfd200df3e288acfad726cd2c6476eb83f94de02fa4b
Debian Security Advisory 1376-1 - iKees Huijgen discovered that under certain circumstances KDM, an X session manage for KDE, it is possible for KDM to be tricked into allowing user logins without a password.
490fbb9332aa848c9c36f0ac94c6af9792e5dd2a801cddb4ffdff130febedee3