Description
GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://www.jwz.org/xscreensaver/faq.html#root-lock
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/36586
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101338-1
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2037
Scores
EPSS
0.0005
EPSS Percentile
15.7%
Details
Status
published
Products (2)
sun/solaris
8.0 (2 CPE variants)
sun/solaris
9.0 (2 CPE variants)
Published
Jun 19, 2007
Tracked Since
Feb 18, 2026