Mandrake Linux Security Advisory : xscreensaver (MDKSA-2007:097)
Medium Nessus Plugin ID 25157
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA problem with the way xscreensaver verifies user passwords was discovered by Alex Yamauchi. When a system is using remote authentication (i.e. LDAP) for logins, a local attacker able to cause a network outage on the system could cause xscreensaver to crash, which would unlock the screen.
Updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.