Scientific Linux Security Update : xscreensaver on SL4 i386/x86_64
Medium Nessus Plugin ID 60175
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionAlex Yamauchi discovered a flaw in the way XScreenSaver verifies user passwords. When a system is using a remote directory service for login credentials, a local attacker may be able to cause a network outage causing XScreenSaver to crash, unlocking the screen. (CVE-2007-1859)
SolutionUpdate the affected xscreensaver package.