CVE-2008-0887 Common Vulnerabilities and Exposures

Upstream information

CVE-2008-0887 at MITRE

Description

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	4.7
Vector	AV:L/AC:M/Au:N/C:N/I:N/A:C
Access Vector	Local
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Complete

SUSE Bugzilla entry: 372609 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2008:014, published Fri, 04 Jul 2008 15:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Server 11 SP1	`gnome-screensaver >= 2.28.3-0.4.30` `gnome-screensaver-lang >= 2.28.3-0.4.30`	Patchnames: SUSE Linux Enterprise Server 11 SP1 GA gnome-screensaver-2.28.3-0.4.30
SUSE Linux Enterprise Server 11 SP2	`gnome-screensaver >= 2.28.3-0.28.1` `gnome-screensaver-lang >= 2.28.3-0.28.1`	Patchnames: SUSE Linux Enterprise Server 11 SP2 GA gnome-screensaver-2.28.3-0.28.1
SUSE Linux Enterprise Server 11 SP3	`gnome-screensaver >= 2.28.3-0.32.1` `gnome-screensaver-lang >= 2.28.3-0.32.1`	Patchnames: SUSE Linux Enterprise Server 11 SP3 GA gnome-screensaver-2.28.3-0.32.1
SUSE Linux Enterprise Server 11 SP4	`gnome-screensaver >= 2.28.3-0.39.17` `gnome-screensaver-lang >= 2.28.3-0.39.17`	Patchnames: SUSE Linux Enterprise Server 11 SP4 GA gnome-screensaver-2.28.3-0.39.17

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 02:56:53 2013
CVE page last modified: Fri Dec 8 16:24:55 2023