Информационная безопасность
[RU] switch to English


Обход защиты gnome-screensaver
дополнено с 16 февраля 2010 г.
Опубликовано:9 марта 2010 г.
Источник:
SecurityVulns ID:10622
Тип:локальная
Уровень опасности:
5/10
Описание:Отказ скринсейвера при подключении монитора.
Затронутые продукты:GNOME : gnome-screensaver 2.28
CVE:CVE-2010-0732 (gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.)
 CVE-2010-0422 (gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.)
 CVE-2010-0414 (gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.)
 CVE-2010-0285 (gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor.)
Оригинальный текстdocumentUBUNTU, [USN-907-1] gnome-screensaver vulnerabilities (09.03.2010)
 documentUBUNTU, [USN-898-1] gnome-screensaver vulnerability (16.02.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород