Oracle Linux 5 : gnome-screensaver (ELSA-2008-0197)
Medium Nessus Plugin ID 67673
SynopsisThe remote Oracle Linux host is missing a security update.
DescriptionFrom Red Hat Security Advisory 2008:0197 :
An updated gnome-screensaver package that fixes a security flaw is now available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
gnome-screensaver is the GNOME project's official screen saver program.
A flaw was found in the way gnome-screensaver verified user passwords.
When a system used a remote directory service for login credentials, a local attacker able to cause a network outage could cause gnome-screensaver to crash, unlocking the screen. (CVE-2008-0887)
Users of gnome-screensaver should upgrade to this updated package, which contains a backported patch to correct this issue.
SolutionUpdate the affected gnome-screensaver package.