English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66922
Category:Mandrake Local Security Checks
Title:Mandriva Security Advisory MDVSA-2010:040 (gnome-screensaver)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to gnome-screensaver
announced via advisory MDVSA-2010:040.

Multiple vulnerabilities has been discovered and corrected in
gnome-screensaver:

gnome-screensaver 2.28.0 does not resume adherence to its activation
settings after an inhibiting application becomes unavailable on the
session bus, which allows physically proximate attackers to access
an unattended workstation on which screen locking had been intended
(CVE-2009-4641).

gnome-screensaver before 2.28.2 allows physically proximate attackers
to bypass screen locking and access an unattended workstation by moving
the mouse position to an external monitor and then disconnecting that
monitor (CVE-2010-0414).

This update provides gnome-screensaver 2.28.3, which is not vulnerable
to these issues.

Affected: 2010.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:040

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4641
http://www.mandriva.com/security/advisories?name=MDVSA-2010:040
http://www.ubuntu.com/usn/USN-866-1
Common Vulnerability Exposure (CVE) ID: CVE-2010-0414
38149
http://www.securityfocus.com/bid/38149
38468
http://secunia.com/advisories/38468
38532
http://secunia.com/advisories/38532
38534
http://secunia.com/advisories/38534
62219
http://www.osvdb.org/62219
FEDORA-2010-1556
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html
MDVSA-2010:040
USN-898-1
http://www.ubuntu.com/usn/USN-898-1
http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news
http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950
http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f
https://bugzilla.gnome.org/show_bug.cgi?id=609337
https://bugzilla.redhat.com/show_bug.cgi?id=562217
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.