Description
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=90831127921062&w=2
Patch, Vendor Advisory issue-tracking
x_refsource_sunbug
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/294
Scores
EPSS
0.0007
EPSS Percentile
22.3%
Details
Status
published
Products (3)
sun/solaris
2.6
sun/sunos
sun/sunos
5.6
Published
Nov 12, 1998
Tracked Since
Feb 18, 2026