Mandriva Update For Gnome-screensaver MDVSA-2008:132 (gnome-screensaver) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was found in gnome-screensaver prior to 2.22.1 when a remote authentication server was enabled. During a network outage, gnome-screensaver would crash upon an unlock attempt, allowing physically local users to gain access to locked sessions (CVE-2008-0887). The updated packages have been patched to correct this issue.

Affected

gnome-screensaver on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2008-0887
CVSS Base Score: 4.7
AV:L/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:031 (avahi)
Mandrake Security Advisory MDVSA-2009:186 (firebird)
Mandrake Security Advisory MDVSA-2009:038 (blender)
Mandrake Security Advisory MDVSA-2009:004 (pam_mount)
Mandrake Security Advisory MDVSA-2009:174 (perl-Compress-Raw-Zlib)

Mandriva Update for gnome-screensaver MDVSA-2008:132 (gnome-screensaver)

Take action and discover your vulnerabilities