Lucene search
CentOS ProjectCESA-2007:0322-01HistoryMay 03, 2007 - 11:03 p.m.
xscreensaver security update
2007-05-0323:03:02
CentOS Project
lists.centos.org
39
0.0004 Low
EPSS
Percentile
9.8%
CentOS Errata and Security Advisory CESA-2007:0322-01
XScreenSaver is a collection of screensavers.
Alex Yamauchi discovered a flaw in the way XScreenSaver verifies user
passwords. When a system is using a remote directory service for login
credentials, a local attacker may be able to cause a network outage causing
XScreenSaver to crash, unlocking the screen. (CVE-2007-1859)
Users of XScreenSaver should upgrade to this updated package, which
contains a backported patch to correct this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075880.html
Affected packages:
xscreensaver
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 2 | i386 | xscreensaver | < 3.33-4.rhel21.5 | xscreensaver-3.33-4.rhel21.5.i386.rpm |
Related
nessus
nessus
Scientific Linux Security Update : xscreensaver on SL4 i386/x86_64
2012-08-01 00:00:00
SuSE 10 Security Update : xscreensaver (ZYPP Patch Number 3241)
2007-12-13 00:00:00
Scientific Linux Security Update : xscreensaver on SL3.0.x i386/x86_64
2012-08-01 00:00:00
openvas
openvas
Mandriva Update for xscreensaver MDKSA-2007:097 (xscreensaver)
2009-04-09 00:00:00
Ubuntu: Security Advisory (USN-474-1)
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200705-14 (xscreensaver)
2008-09-24 00:00:00
centos
centos
xscreensaver security update
2007-05-02 16:47:42
ubuntu
ubuntu
xscreensaver vulnerability
2007-06-12 00:00:00
gentoo
gentoo
XScreenSaver: Privilege escalation
2007-05-13 00:00:00
oraclelinux
oraclelinux
Important: xscreensaver security update
2007-05-08 00:00:00
securityvulns
securityvulns
[ MDKSA-2007:097 ] - Updated xscreensaver packages fix vulnerability
2007-05-04 00:00:00
xscreensaver console access protection bypass
2007-05-04 00:00:00
cve
cve
CVE-2007-1859
2007-05-02 20:19:00
prion
prion
Authentication flaw
2007-05-02 20:19:00
Sql injection
2008-04-06 23:44:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:32
cvelist
cvelist
CVE-2007-1859
2007-05-02 20:00:00
CVE-2008-0887
2008-04-06 23:00:00
ubuntucve
ubuntucve
CVE-2007-1859
2007-05-02 00:00:00
CVE-2008-0887
2008-04-06 00:00:00
redhat
redhat
(RHSA-2007:0322) Important: xscreensaver security update
2007-05-02 00:00:00
debiancve
debiancve
CVE-2007-1859
2007-05-02 20:19:00
CVE-2008-0887
2008-04-06 23:44:00