Mandriva Update For Gnome-screensaver MDVSA-2011:093 (gnome-screensaver) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been found and corrected in gnome-screensaver: gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor (CVE-2010-0285). The updated packages have been patched to correct this issue.

Affected

gnome-screensaver on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Severity

Classification

CVE CVE-2010-0285
CVSS Base Score: 5.6
AV:L/AC:H/Au:N/C:C/I:C/A:N

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:213 (wxgtk)
Mandrake Security Advisory MDVSA-2009:018 (tomcat5)
Mandrake Security Advisory MDVSA-2009:155 (git)
Mandrake Security Advisory MDVSA-2009:025 (pidgin)
Mandrake Security Advisory MDVSA-2009:127 (gaim)

Mandriva Update for gnome-screensaver MDVSA-2011:093 (gnome-screensaver)

Take action and discover your vulnerabilities