Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-1859
Description:XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication.
Test IDs: 1.3.6.1.4.1.25623.1.0.59163   1.3.6.1.4.1.25623.1.0.58377   1.3.6.1.4.1.25623.1.0.58276   1.3.6.1.4.1.25623.1.0.65034   1.3.6.1.4.1.25623.1.0.58244   1.3.6.1.4.1.25623.1.0.62371   1.3.6.1.4.1.25623.1.0.62384  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-1859
BugTraq ID: 23783
http://www.securityfocus.com/bid/23783
http://security.gentoo.org/glsa/glsa-200705-14.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:097
http://osvdb.org/35531
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11459
RedHat Security Advisories: RHSA-2007:0322
http://www.redhat.com/support/errata/RHSA-2007-0322.html
http://www.securitytracker.com/id?1017996
http://secunia.com/advisories/25065
http://secunia.com/advisories/25105
http://secunia.com/advisories/25116
http://secunia.com/advisories/25118
http://secunia.com/advisories/25119
http://secunia.com/advisories/25225
http://secunia.com/advisories/25610
SuSE Security Announcement: SUSE-SR:2007:009 (Google Search)
http://www.novell.com/linux/security/advisories/2007_9_sr.html
http://www.ubuntu.com/usn/usn-474-1
XForce ISS Database: xscreensaver-getpwuid-authentication-bypass(34054)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34054




© 1998-2024 E-Soft Inc. All rights reserved.