Ubuntu USN-866-1 (gnome-screensaver) Network Vulnerability

Summary

The remote host is missing an update to gnome-screensaver announced via advisory USN-866-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: gnome-screensaver 2.28.0-0ubuntu3.1 After a standard system upgrade you need to restart your session to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-866-1

Insight

It was discovered that gnome-screensaver did not always re-enable itself after applications requested it to ignore idle timers. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an unlocked session.

Severity

Classification

CVE CVE-2009-4641
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for base-files vulnerability USN-968-1
Ubuntu Update for curl USN-1721-1
Ubuntu Update for bash USN-2380-1
Ubuntu Update for bind9 vulnerability USN-1070-1
Ubuntu Update for dbus-glib USN-1753-1

Take action and discover your vulnerabilities