openSUSE 10 Security Update : festival (festival-4377)
Critical Nessus Plugin ID 27520
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe festival daemon runs as root. The default config doesn't have a password set. A local attacker could therefore connect to the daemon to have commands executed as root (CVE-2007-4074).
SolutionUpdate the affected festival packages.