FreeBSD : xlockmore -- local exploit (57652765-18aa-11e2-8382-00a0d181e71d)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Ignatios Souvatzis of NetBSD reports :

Due to an error in the dclock screensaver in xlockmore, users who
explicitly use this screensaver or a random mix of screensavers using
something like 'xlockmore -mode random' may have their screen unlocked
unexpectedly at a random time.

See also :

http://www.openwall.com/lists/oss-security/2012/10/17/10
http://www.nessus.org/u?685642da

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 62611 ()

Bugtraq ID:

CVE ID: CVE-2012-4524

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now