ID CVE-2007-6389
Summary The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:screensaver:2.20
    cpe:2.3:a:gnome:screensaver:2.20
CVSS
Base: 2.1 (as of 17-12-2007 - 14:19)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-2872.NASL
    description This update addresses CVE-2007-6389 a flaw where the contents of the user's clipboard can be accessed from the 'Leave Message' feature within the lock screen dialog. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 31750
    published 2008-04-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31750
    title Fedora 8 : gnome-screensaver-2.20.0-11.fc8 (2008-2872)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_GNOME-SCREENSAVER-5506.NASL
    description This update of gnome-screensaver disallows local users to read the contents of the clipboard for a locked screen using ctrl-v. (CVE-2007-6389)
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 33896
    published 2008-08-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33896
    title openSUSE 10 Security Update : gnome-screensaver (gnome-screensaver-5506)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-135.NASL
    description A vulnerability was found in gnome-screensaver 2.20.0 that could possibly allow a local user to read the clipboard contents and X selection data for a locked session by using CTRL-V (CVE-2007-6389). The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37945
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37945
    title Mandriva Linux Security Advisory : gnome-screensaver (MDVSA-2008:135)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-669-1.NASL
    description It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. (CVE-2007-6389) Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication service. During a network interruption, or by disconnecting the network cable, a local attacker could gain access to locked sessions. (CVE-2008-0887). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 36364
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36364
    title Ubuntu 6.06 LTS / 7.10 : gnome-screensaver vulnerabilities (USN-669-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-2818.NASL
    description This update addresses CVE-2007-6389 a flaw where the contents of the user's clipboard can be accessed from the 'Leave Message' feature within the lock screen dialog. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 31744
    published 2008-04-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31744
    title Fedora 7 : gnome-screensaver-2.18.2-3.fc7 (2008-2818)
refmap via4
bid 30096
confirm
fedora
  • FEDORA-2008-2818
  • FEDORA-2008-2872
mandriva MDVSA-2008:135
secunia
  • 29595
  • 29666
  • 31687
  • 32691
suse SUSE-SR:2008:017
ubuntu USN-669-1
Last major update 30-10-2012 - 22:48
Published 17-12-2007 - 13:46
Back to Top