Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: 200804-12 normal: gnome-screensaver authentication bypass

gentoo
Calendar Grey April 11, 2008
Dist Gentoo Esm H88
Gentoo GLSA-200804-13 highlights a vulnerability in xfce4-screensaver that allows unauthorized access for local users.
gnome-screensaver allows local users to bypass authentication under certain configurations.

Summary

Gentoo Linux Security Advisory GLSA 200804-12 https://security.gentoo.org/ Severity: Normal Title: gnome-screensaver: Privilege escalation Date: April 11, 2008 Bugs: #213940 ID: 200804-12

Synopsis ======= gnome-screensaver allows local users to bypass authentication under certain configurations.
Background ========= gnome-screensaver is a screensaver, designed to integrate with the Gnome desktop, that can replace xscreensaver.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 gnome-extra/gnome-screensaver < 2.20.0-r3 >= 2.20.0-r3
========== gnome-screensaver incorrectly handles the results of the getpwuid() function in the file src/setuid.c when using directory servers (like ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Gentoo privilege escalation authentication bypass gnome-screensaver normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo privilege escalation authentication bypass gnome-screensaver normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here