ID CVE-2009-3851
Summary Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon."
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:10.0:-:x86
    cpe:2.3:o:sun:solaris:10.0:-:x86
  • cpe:2.3:o:sun:solaris:10.0:-:sparc
    cpe:2.3:o:sun:solaris:10.0:-:sparc
CVSS
Base: 7.2 (as of 04-11-2009 - 06:53)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120095-35.NASL
    description X11 6.6.2_x86: xscreensaver patch. Date this patch was last updated by Sun : Apr/14/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107855
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107855
    title Solaris 10 (x86) : 120095-35
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120094-36.NASL
    description X11 6.6.2: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107354
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107354
    title Solaris 10 (sparc) : 120094-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120094.NASL
    description X11 6.6.2: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14 This plugin has been deprecated and either replaced with individual 120094 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 24373
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24373
    title Solaris 10 (sparc) : 120094-36 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120095-36.NASL
    description X11 6.6.2_x86: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107856
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107856
    title Solaris 10 (x86) : 120095-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120094-35.NASL
    description X11 6.6.2: xscreensaver patch. Date this patch was last updated by Sun : Apr/14/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107353
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107353
    title Solaris 10 (sparc) : 120094-35
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120095.NASL
    description X11 6.6.2_x86: xscreensaver patch. Date this patch was last updated by Sun : Oct/13/14 This plugin has been deprecated and either replaced with individual 120095 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 24385
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24385
    title Solaris 10 (x86) : 120095-36 (deprecated)
oval via4
accepted 2010-01-25T04:00:26.233-05:00
class vulnerability
contributors
name Pai Peng
organization Hewlett-Packard
definition_extensions
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon."
family unix
id oval:org.mitre.oval:def:6845
status accepted
submitted 2009-12-17T14:02:00.000-05:00
title Security Vulnerability in Solaris Trusted Extensions may Prevent XScreenSaver (xscreensaver(1)) From Running
version 30
refmap via4
confirm http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-28-1
sunalert 270809
Last major update 21-08-2010 - 01:36
Published 03-11-2009 - 11:30
Last modified 18-09-2017 - 21:29
Back to Top