ID CVE-2007-3283
Summary GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:8.0:-:sparc
    cpe:2.3:o:sun:solaris:8.0:-:sparc
  • cpe:2.3:o:sun:solaris:8.0:-:x86
    cpe:2.3:o:sun:solaris:8.0:-:x86
  • cpe:2.3:o:sun:solaris:9.0:-:sparc
    cpe:2.3:o:sun:solaris:9.0:-:sparc
  • cpe:2.3:o:sun:solaris:9.0:-:x86
    cpe:2.3:o:sun:solaris:9.0:-:x86
CVSS
Base: 6.8 (as of 25-06-2007 - 08:54)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_115299.NASL
    description X11 6.4.1_x86: xscreensaver patch. Date this patch was last updated by Sun : Apr/16/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 25076
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25076
    title Solaris 8 (x86) : 115299-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120095-35.NASL
    description X11 6.6.2_x86: xscreensaver patch. Date this patch was last updated by Sun : Apr/14/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107855
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107855
    title Solaris 10 (x86) : 120095-35
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120094-36.NASL
    description X11 6.6.2: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107354
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107354
    title Solaris 10 (sparc) : 120094-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120094.NASL
    description X11 6.6.2: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14 This plugin has been deprecated and either replaced with individual 120094 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 24373
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24373
    title Solaris 10 (sparc) : 120094-36 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120095-36.NASL
    description X11 6.6.2_x86: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107856
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107856
    title Solaris 10 (x86) : 120095-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120094-35.NASL
    description X11 6.6.2: xscreensaver patch. Date this patch was last updated by Sun : Apr/14/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107353
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107353
    title Solaris 10 (sparc) : 120094-35
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120095.NASL
    description X11 6.6.2_x86: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14 This plugin has been deprecated and either replaced with individual 120095 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 24385
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24385
    title Solaris 10 (x86) : 120095-36 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_115298.NASL
    description X11 6.4.1: xscreensaver patch. Date this patch was last updated by Sun : Apr/16/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 25074
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25074
    title Solaris 8 (sparc) : 115298-01
oval via4
accepted 2007-08-01T22:26:15.533-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Opsware, Inc.
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
description GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
family unix
id oval:org.mitre.oval:def:2037
status accepted
submitted 2007-06-21T09:00:00.000-04:00
title GNOME XScreenSaver in Solaris 8 and 9 may Allow Physically Proximate Attackers to Access the Console
version 32
refmap via4
misc http://www.jwz.org/xscreensaver/faq.html#root-lock
osvdb 36586
sunalert 101338
Last major update 30-10-2012 - 22:38
Published 19-06-2007 - 18:30
Last modified 10-10-2017 - 21:32
Back to Top