PT-2006-2344 · Gnome · Gnome-Screensaver

Sam Morris

Published

2006-03-21

Updated

2017-07-20

CVE-2006-1335

CVSS v2.0

3.7

Low

Vector

AV:L/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions gnome screensaver versions prior to 2.14

Description The issue allows attackers with physical access to cause the screensaver to crash and access the session via the Ctrl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled.

Recommendations For versions prior to 2.14, consider disabling the screensaver or restricting physical access to the system until a patch is available. As a temporary workaround, disabling the AllowDeactivateGrabs and AllowClosedownGrabs options on the X server may minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1335

Affected Products

Gnome-Screensaver

PT-2006-2344 · Gnome · Gnome-Screensaver

CVE-2006-1335

Related Identifiers

Affected Products

References · 8