SuSE 10 Security Update : festival (ZYPP Patch Number 4378)
Critical Nessus Plugin ID 29424
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThe festival daemon runs as root. The default config doesn't have a password set. A local attacker could therefore connect to the daemon to have commands executed as root. (CVE-2007-4074)
SolutionApply ZYPP patch number 4378.