Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2655

Overview

Vulnerability Score 5.4 5.4
CVE Id CVE-2004-2655
Last Modified 21 Aug 2010 12:24:58
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-2655

Summary

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.

Vulnerable Systems

Application

  • Xscreensaver 4.14

  • Xscreensaver 4.16

  • Xscreensaver 4.17


References

UBUNTU - USN-269-1

BID - 17471

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188149

CONFIRM - http://www.jwz.org/xscreensaver/changelog.html

MISC - http://www.derkeiler.com/Newsgroups/comp.os.linux.security/2004-08/0018.html

REDHAT - RHSA-2006:0498

SUSE - SUSE-SR:2006:023

MANDRIVA - MDKSA-2006:071

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-107.htm

SECTRACK - 1016151

SECTRACK - 1016150

SECUNIA - 22080

SECUNIA - 20782

SECUNIA - 20456

SECUNIA - 20226

SGI - 20060602-01-U


Last Updated: 27 May 2016 10:39:34