Mandriva Update For Gnome-screensaver MDVSA-2008:132 (gnome-screensaver) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was found in gnome-screensaver prior to 2.22.1 when a remote authentication server was enabled. During a network outage, gnome-screensaver would crash upon an unlock attempt, allowing physically local users to gain access to locked sessions (CVE-2008-0887). The updated packages have been patched to correct this issue.

Affected

gnome-screensaver on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2008-0887

CVSS	Base Score: 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:068-1 (poppler)
Mandrake Security Advisory MDVSA-2009:212 (python)
Mandrake Security Advisory MDVSA-2009:154 (dhcp)
Mandrake Security Advisory MDVSA-2009:063 (eog)
Mandrake Security Advisory MDVSA-2009:037 (bind)

Mandriva Update for gnome-screensaver MDVSA-2008:132 (gnome-screensaver)

Take action and discover your vulnerabilities