CVE-2004-2655
5.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:C/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
85.3%
rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.
Affected configurations
References
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
secunia.com/advisories/20226
secunia.com/advisories/20456
secunia.com/advisories/20782
secunia.com/advisories/22080
securitytracker.com/id?1016150
securitytracker.com/id?1016151
support.avaya.com/elmodocs2/security/ASA-2006-107.htm
www.derkeiler.com/Newsgroups/comp.os.linux.security/2004-08/0018.html
www.jwz.org/xscreensaver/changelog.html
www.mandriva.com/security/advisories?name=MDKSA-2006:071
www.novell.com/linux/security/advisories/2006_23_sr.html
www.redhat.com/support/errata/RHSA-2006-0498.html
www.securityfocus.com/bid/17471
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188149
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10096
usn.ubuntu.com/269-1/
Related
5.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:C/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
85.3%