Alex Yamauchi has reported a weakness in XScreenSaver, which can potentially be exploited by malicious people with physical access to bypass certain security restrictions.
The weakness is caused due to an error within the parsing of results of a call to "getpwuid()" in drivers/lock.c when using directory servers during a network outage. This can be exploited to e.g. crash XScreenSaver and thus gain access to a locked system.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org