| Revision Date: | 2013-04-29 | Version: | 10 | | Title: | XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication. | | Description: | XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2007-1859
| | Platform(s): | CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | | | Definition Synopsis | | OS Section: RHEL3, CentOS3 RHEL3 or CentOS3
The operating system installed on the system is Red Hat Enterprise Linux 3
OR CentOS Linux 3.x
AND xscreensaver is earlier than 1:4.10-21.el3
OR OS Section: RHEL4, CentOS4, Oracle Linux 4
RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND xscreensaver is earlier than 1:4.18-5.rhel4.14
|
|