Upstream information

CVE-2008-0887 at MITRE

Description

gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.7
Vector AV:L/AC:M/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
SUSE Bugzilla entry: 372609 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • gnome-screensaver >= 2.28.3-0.4.30
  • gnome-screensaver-lang >= 2.28.3-0.4.30
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA gnome-screensaver
SUSE Linux Enterprise Server 11 SP2
  • gnome-screensaver >= 2.28.3-0.28.1
  • gnome-screensaver-lang >= 2.28.3-0.28.1
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA gnome-screensaver
SUSE Linux Enterprise Server 11 SP3
  • gnome-screensaver >= 2.28.3-0.32.1
  • gnome-screensaver-lang >= 2.28.3-0.32.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA gnome-screensaver
SUSE Linux Enterprise Server 11 SP4
  • gnome-screensaver >= 2.28.3-0.39.17
  • gnome-screensaver-lang >= 2.28.3-0.39.17
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA gnome-screensaver
SUSE LINUX 10.1
  • gnome-screensaver >= 2.14.0-19.41.8