|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: xlock vulnerability
From: bind (bind
SUBTERRAIN.NET)Date: Wed Aug 16 2000 - 01:17:24 CDT
- Next message: Ben Lull: "[Fwd: Stack Overflow Vulnerability in procps's top]"
- Previous message: herblessHUSHMAIL.COM: "MS-SQL 'sa' password exploit code"
- Next in thread: Thomas Biege: "Re: xlock vulnerability"
- Reply: Thomas Biege: "Re: xlock vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
A format bug exists in all X11R6 xlock's handling of the display ('-d') option.
(bindcassius ~) $ xlock -d %x%x%x%x%x
xlock: unable to open display dfbfd958402555e1ea748dfbfd958dfbfd654.
Systems that we tested that were vulnerable included OpenBSD 2.7, FreeBSD
4.1 and Slackware 7.1.
The patch is attached.
-bind
- text/plain attachment: xlock.c.diff
- Next message: Ben Lull: "[Fwd: Stack Overflow Vulnerability in procps's top]"
- Previous message: herblessHUSHMAIL.COM: "MS-SQL 'sa' password exploit code"
- Next in thread: Thomas Biege: "Re: xlock vulnerability"
- Reply: Thomas Biege: "Re: xlock vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]