CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun sunos 5.6 |
||
sun solaris 2.6 |
||
sun sunos - |