Vulnerability Name: | CCN-18430 | ||||||
Published: | 2004-12-12 | ||||||
Updated: | 2004-12-12 | ||||||
Summary: | Novell NetWare could allow a local attacker to bypass authentication and gain unauthorized access to the system. Even if the nlm screen saver is enabled in lock mode, a local attacker could bypass authentication by pressing the Alt Shift and Shift Esc keys and disabling the screen saver process using NetWare debugger. | ||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||
CVSS v2 Severity: | 2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
| ||||||
Vulnerability Consequences: | Bypass Security | ||||||
References: | Source: CCN Type: Full-Disclosure Mailing List, Sun Dec 12 2004 - 19:24:10 CST NetWare Screensaver Authentication Bypass From The Local Console Source: CCN Type: Novell Technical Information Document TID2969741 BorderManager ICSA Compliance Kit v5.0d Source: CCN Type: BID-11892 Novell Netware Screen Saver Local Authentication Bypass Vulnerability Source: XF Type: UNKNOWN netware-screensaver-auth-bypass(18430) | ||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
BACK |