| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability bulletin CVE-2010-0414
GNOME: unlocking gnome-screensaver
Synthesis of the vulnerability
| A local attacker can unplug a screen, in order to stop gnome-screensaver. |
Severity: 1/4.
Creation date: 08/02/2010.
|
Description of the vulnerability
The gnome-screensaver program locks the screen and displays a drawing.
When a system with two screens is locked, an attacker can:
- move the mouse to the secondary screen (the password input form is displayed on this screen)
- unplug the secondary screen
- press a few keyboard keys
The gnome-screensaver then tries to handle keys associated to a non existing screen, which stops it.
A local attacker can therefore unplug a screen, in order to stop gnome-screensaver, and to access to user's session. |
Complete Vigil@nce bulletin
Characteristics
Title: GNOME: unlocking gnome-screensaver.
Keywords: GNOME gnome-screensaver unlocking.
Identifiers: 2009-4641, 609337, BID-38149, CVE-2010-0414, FEDORA-2010-1556, MDVSA-2010:040, SUSE-SR:2010:004, VIGILANCE-VUL-9418.
|
Information sources
Solutions for this vulnerability
Supplements
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability database
|
