Debian Security Advisory DSA 660-1 (kdebse) Network Vulnerability

Summary

The remote host is missing an update to kdebse announced via advisory DSA 660-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20660-1

Insight

Raphaël Enrici discovered that the KDE screensaver can crash under certain local circumstances. This can be exploited by an attacker with physical access to the workstation to take over the desktop session. For the stable distribution (woody) this problem has been fixed in version 2.2.2-14.9. This problem has been fixed upstream in KDE 3.0.5 and is therefore fixed in the unstable (sid) and testing (sarge) distributions already. We recommend that you upgrade your kscreensaver package.

Severity

Classification

CVE CVE-2005-0078

CVSS	Base Score: 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1155-2 (sendmail)
Debian Security Advisory DSA 103-1 (glibc)
Debian Security Advisory DSA 1090-1 (spamassassin)
Debian Security Advisory DSA 1093-1 (xine-ui)
Debian Security Advisory DSA 1115-1 (gnupg2)

Take action and discover your vulnerabilities