| ID |
CVE-2004-2655
|
| Summary |
rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen. This vulnerability is addressed in the following product release:
XScreenSaver, XScreenSaver, 4.18 |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:xscreensaver:xscreensaver:4.14:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.14:*:*:*:*:*:*:*
-
cpe:2.3:a:xscreensaver:xscreensaver:4.16:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.16:*:*:*:*:*:*:*
-
cpe:2.3:a:xscreensaver:xscreensaver:4.17:*:*:*:*:*:*:*
cpe:2.3:a:xscreensaver:xscreensaver:4.17:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.4 (as of 03-10-2018 - 21:29) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:N/C:C/I:N/A:N
|
| oval
via4
|
| accepted | 2013-04-29T04:01:35.406-04:00 | | class | vulnerability | | contributors | | name | Aharon Chernin | | organization | SCAP.com, LLC |
| name | Dragos Prisaca | | organization | G2, Inc. |
| | definition_extensions | | comment | The operating system installed on the system is Red Hat Enterprise Linux 3 | | oval | oval:org.mitre.oval:def:11782 |
| comment | CentOS Linux 3.x | | oval | oval:org.mitre.oval:def:16651 |
| | description | rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen. | | family | unix | | id | oval:org.mitre.oval:def:10096 | | status | accepted | | submitted | 2010-07-09T03:56:16-04:00 | | title | rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen. | | version | 28 |
|
| redhat
via4
|
| advisories | | | rpms | - xscreensaver-1:4.10-20
- xscreensaver-debuginfo-1:4.10-20
|
|
| refmap
via4
|
| bid | 17471 | | confirm | | | mandriva | MDKSA-2006:071 | | misc | | | sectrack | | | secunia | | | sgi | 20060602-01-U | | suse | SUSE-SR:2006:023 | | ubuntu | USN-269-1 |
|
| Last major update |
03-10-2018 - 21:29 |
| Published |
31-12-2004 - 05:00 |
| Last modified |
03-10-2018 - 21:29 |
