KDE Desktop Locking/Screensave Activation May Fail
|
|
SecurityTracker Alert ID: 1016571
|
|
SecurityTracker URL: http://securitytracker.com/id?1016571
|
|
CVE Reference: CVE-2006-2933
(Links to External Site)
|
Date: Jul 25 2006
|
Impact: User access via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Description: A vulnerability was reported in KDE. The desktop may fail to lock or the screensaver may fail to activate.
The kdesktop_lock process may fail to terminate properly in certain cases. This may cause the desktop to fail to lock at the user's
request or may prevent the screensaver to activate. A physically local user may be able to gain access to the desktop.
|
Impact: The desktop or screensaver may not lock properly, allowing a physically local user to gain access to the desktop.
|
Solution: The vendor has issued a fix.
[Editor's note: It is unclear in which version the fix was included.]
|
Vendor URL: www.kde.org/ (Links to External Site)
|
Cause: State error
|
Underlying OS: Linux (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Tue, 25 Jul 2006 14:20:21 -0400
Subject: KDE vulnerability
|
Red Hat reported:
A flaw was found in KDE where the kdesktop_lock process sometimes
failed to terminate properly. This issue could either block the user's
ability to manually lock the desktop or prevent the screensaver to
activate, both of which could have a security impact for users who rely on
these functionalities.
(CVE-2006-2933)
|
|
