CVE-2004-2655

2006-04-0801:00:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

5.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

EPSS

0.012

Percentile

85.2%

JSON

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.

OSVersionArchitecturePackageVersionFilename
Debian12allxscreensaver< 4.18-1xscreensaver_4.18-1_all.deb
Debian11allxscreensaver< 4.18-1xscreensaver_4.18-1_all.deb
Debian999allxscreensaver< 4.18-1xscreensaver_4.18-1_all.deb
Debian13allxscreensaver< 4.18-1xscreensaver_4.18-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	xscreensaver	< 4.18-1	xscreensaver_4.18-1_all.deb
Debian	11	all	xscreensaver	< 4.18-1	xscreensaver_4.18-1_all.deb
Debian	999	all	xscreensaver	< 4.18-1	xscreensaver_4.18-1_all.deb
Debian	13	all	xscreensaver	< 4.18-1	xscreensaver_4.18-1_all.deb