Remote Authentication Server Vulnerability in Gnome Screensaver
CVE-2008-0887

Currently unrated

Key Information:

Vendor: Gnome
Status: Screensaver
Vendor: CVE Published:; 6 April 2008

What is CVE-2008-0887?

The Gnome Screensaver version prior to 2.22.1 contains a vulnerability that can be exploited when a remote authentication server is enabled. During a network outage, an attacker physically present at the machine can cause the screensaver to crash when attempting to unlock it. This unintended behavior allows the attacker to bypass security measures and gain unauthorized access to the user's locked session, posing a serious risk of data exposure.

References

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 6, 2008
Vulnerability Reserved
Feb 21, 2008