CVE-2008-0887 β€” Screensaver vulnerability

8 documents8 sources
Severity
4.7MEDIUMNVD
CNA4.6OSV4.6
EPSS
0.2%
top 52.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Gnome Screensaver
Timeline
PublishedApr 6
Latest updateMay 1

Description

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859.

CVSS vector

AV:L/AC:M/C:N/I:N/A:CExploitability: 3.4 | Impact: 6.9

Affected Packages1 packages

β–ΆNVDgnome/screensaver2.20.0

πŸ”΄Vulnerability Details

3
GHSA
GHSA-x3jq-r6gp-49qf: gnome-screensaver before 2β†—2022-05-01
β–Ά
CVEList
CVE-2008-0887: gnome-screensaver before 2β†—2008-04-06
β–Ά
OSV
CVE-2008-0887: gnome-screensaver before 2β†—2008-04-06
β–Ά

πŸ“‹Vendor Advisories

3
Ubuntu
gnome-screensaver vulnerabilities↗2008-11-11
β–Ά
Red Hat
gnome-screensaver using NIS auth will unlock if NIS goes away↗2008-04-02
β–Ά
Debian
CVE-2008-0887: gnome-screensaver - gnome-screensaver before 2.22.1, when a remote authentication server is enabled,...β†—2008
β–Ά

πŸ’¬Community

1
Bugzilla
CVE-2008-0887 gnome-screensaver using NIS auth will unlock if NIS goes away↗2008-03-03
β–Ά
CVE-2008-0887 β€” Gnome Screensaver vulnerability | cvebase