SciLinux: CVE-2007-1859 SL3.0.x xscreensaver i386/x86_64
Summary
Date: Mon, 14 May 2007 15:26:47 -0500Reply-To: Connie SiehSender: Security Errata for Scientific Linux From: Connie Sieh Subject: Security ERRATA for SL3.0.x xscreensaver i386/x86_64Comments: To: scientific Synopsis: Important: xscreensaver security updateIssue date: 2007-05-02CVE Names: CVE-2007-1859Alex Yamauchi discovered a flaw in the way XScreenSaver verifies userpasswords. When a system is using a remote directory service for logincredentials, a local attacker may be able to cause a network outage causingXScreenSaver to crash, unlocking the screen. (CVE-2007-1859)SRPMS: xscreensaver-4.10-21.el3.src.rpmi386: xscreensaver-4.10-21.el3.i386.rpmx86_64: xscreensaver-4.10-21.el3.x86_64.rpm-Connie Sieh-Troy Dawson