Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Overflow in xlock

From: morgan () PARC POWER NET (Andrew G. Morgan)
Date: Sun, 27 Apr 1997 13:13:08 -0700

George Staikos wrote:

There appears to be an exploitable buffer overflow in xlock, the X based
screensaver/locker.  Xlock is installed suid root on machines with
shadowed passwords.  I have verified this on xlock versions on AIX 4.x and
Linux (exploit for Linux posted below), but I cannot determine what


This is not a security problem with the xlock shipped with Red Hat linux.
Their PAM-enabled version is not setuid.  In principle, xlock can also
verify a user's shadowed password in this "unprivileged" state, using the
pam_pwdb module.

Cheers

Andrew
--
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]
Previous By Date Next
Previous By Thread Next

Current thread: