Remote Authentication Server Vulnerability in Gnome Screensaver
CVE-2008-0887

Currently unrated

Key Information:

Vendor
Gnome
Status
Screensaver
Vendor
CVE Published:
6 April 2008

Summary

The Gnome Screensaver version prior to 2.22.1 contains a vulnerability that can be exploited when a remote authentication server is enabled. During a network outage, an attacker physically present at the machine can cause the screensaver to crash when attempting to unlock it. This unintended behavior allows the attacker to bypass security measures and gain unauthorized access to the user's locked session, posing a serious risk of data exposure.

References

https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-0887 : Remote Authentication Server Vulnerability in Gnome Screensaver | SecurityVulnerability.io