CVE-2004-2655
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
03/10/2018
Description
rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.
Impact
Base Score 2.0
5.40
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:xscreensaver:xscreensaver:4.14:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xscreensaver:xscreensaver:4.16:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xscreensaver:xscreensaver:4.17:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
- http://secunia.com/advisories/20226
- http://secunia.com/advisories/20456
- http://secunia.com/advisories/20782
- http://secunia.com/advisories/22080
- http://securitytracker.com/id?1016150=
- http://securitytracker.com/id?1016151=
- http://support.avaya.com/elmodocs2/security/ASA-2006-107.htm
- http://www.derkeiler.com/Newsgroups/comp.os.linux.security/2004-08/0018.html
- http://www.jwz.org/xscreensaver/changelog.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006%3A071
- http://www.novell.com/linux/security/advisories/2006_23_sr.html
- http://www.redhat.com/support/errata/RHSA-2006-0498.html
- http://www.securityfocus.com/bid/17471
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188149
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10096
- https://usn.ubuntu.com/269-1/