Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-1859HistoryMay 02, 2007 - 8:19 p.m.
CVE-2007-1859
2007-05-0220:19:00
Debian Security Bug Tracker
security-tracker.debian.org
15
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.001
Percentile
38.4%
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xscreensaver | <Â 5.03-1 | xscreensaver_5.03-1_all.deb |
| Debian | 11 | all | xscreensaver | <Â 5.03-1 | xscreensaver_5.03-1_all.deb |
| Debian | 999 | all | xscreensaver | <Â 5.03-1 | xscreensaver_5.03-1_all.deb |
| Debian | 13 | all | xscreensaver | <Â 5.03-1 | xscreensaver_5.03-1_all.deb |
Related
nessus
nessus
Oracle Linux 3 / 4 : xscreensaver (ELSA-2007-0322)
2013-07-12 00:00:00
RHEL 2.1 / 3 / 4 : xscreensaver (RHSA-2007:0322)
2007-05-03 00:00:00
Scientific Linux Security Update : xscreensaver on SL3.0.x i386/x86_64
2012-08-01 00:00:00
prion
prion
Authentication flaw
2007-05-02 20:19:00
Sql injection
2008-04-06 23:44:00
openvas
openvas
Gentoo Security Advisory GLSA 200705-14 (xscreensaver)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-474-1)
2009-03-23 00:00:00
Mandriva Update for xscreensaver MDKSA-2007:097 (xscreensaver)
2009-04-09 00:00:00
gentoo
gentoo
XScreenSaver: Privilege escalation
2007-05-13 00:00:00
centos
centos
xscreensaver security update
2007-05-02 16:47:42
xscreensaver security update
2007-05-03 23:03:02
ubuntu
ubuntu
xscreensaver vulnerability
2007-06-12 00:00:00
redhat
redhat
(RHSA-2007:0322) Important: xscreensaver security update
2007-05-02 00:00:00
securityvulns
securityvulns
xscreensaver console access protection bypass
2007-05-04 00:00:00
[ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability
2007-05-04 00:00:00
nvd
nvd
CVE-2007-1859
2007-05-02 20:19:00
CVE-2008-0887
2008-04-06 23:44:00
ubuntucve
ubuntucve
CVE-2007-1859
2007-05-02 00:00:00
CVE-2008-0887
2008-04-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:32
cvelist
cvelist
CVE-2007-1859
2007-05-02 20:00:00
CVE-2008-0887
2008-04-06 23:00:00
cve
cve
CVE-2007-1859
2007-05-02 20:19:00
CVE-2008-0887
2008-04-06 23:44:00
oraclelinux
oraclelinux
Important: xscreensaver security update
2007-05-08 00:00:00
debiancve
debiancve
CVE-2008-0887
2008-04-06 23:44:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.001
Percentile
38.4%
Related for DEBIANCVE:CVE-2007-1859