Ubuntu Security Notice USN-669-1 - It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V.Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication service. During a network interruption, or by disconnecting the network cable, a local attacker could gain access to locked sessions.
503ea5bb6995d52601e91c8918a28987277789d1561a4afbacdbb67e4fc0ef5b
Mandriva Linux Security Advisory - A vulnerability was found in gnome-screensaver prior to 2.22.1 when a remote authentication server was enabled. During a network outage, gnome-screensaver would crash upon an unlock attempt, allowing physically local users to gain access to locked sessions. The updated packages have been patched to correct this issue.
db1fd54bfb61c2ea50edcb42a6982539a04cc059a046ec15aa3893a6d4f9df0a
Gentoo Linux Security Advisory GLSA 200804-12 - gnome-screensaver incorrectly handles the results of the getpwuid() function in the file src/setuid.c when using directory servers (like NIS) during a network outage, a similar issue to GLSA 200705-14. Versions less than 2.20.0-r3 are affected.
1c166bbb47281153c9a39e490981d486f4ed1c6a8735bf3de4ea53c10bcbc55a