Bugtraq mailing list archives
Re: Overflow in xlock
From: morgan () PARC POWER NET (Andrew G. Morgan)
Date: Sun, 27 Apr 1997 13:13:08 -0700
George Staikos wrote:
There appears to be an exploitable buffer overflow in xlock, the X based screensaver/locker. Xlock is installed suid root on machines with shadowed passwords. I have verified this on xlock versions on AIX 4.x and Linux (exploit for Linux posted below), but I cannot determine what
This is not a security problem with the xlock shipped with Red Hat linux. Their PAM-enabled version is not setuid. In principle, xlock can also verify a user's shadowed password in this "unprivileged" state, using the pam_pwdb module. Cheers Andrew -- Linux-PAM, libpwdb, Orange-Linux and Linux-GSS http://parc.power.net/morgan/index.html [ For those that prefer FTP --- ftp://ftp.lalug.org/morgan ]
Current thread:
- CPSN 4-970424: Possible buffer overflow in pop3d Corinne Posse (Apr 26)
- Re: CPSN 4-970424: Possible buffer overflow in pop3d George Staikos (Apr 26)
- Re: CPSN 4-970424: Possible buffer overflow in pop3d Derric Scott (Apr 27)
- Re: CPSN 4-970424: Possible buffer overflow in pop3d J. Joseph Max Katz (Apr 28)
- Re: CPSN 4-970424: Possible buffer overflow in pop3d Johannes Erdfelt (Apr 28)
- Re: CPSN 4-970424: Possible buffer overflow in pop3d Derric Scott (Apr 27)
- Overflow in xlock George Staikos (Apr 26)
- Re: Overflow in xlock David Hedley (Apr 27)
- Re: Overflow in xlock Bollinger (Apr 27)
- Re: Overflow in xlock Andrew G. Morgan (Apr 27)
- Thoughts about DNS... Thomas H. Ptacek (Apr 26)
- Re: Thoughts about DNS... Illuminati Primus (Apr 26)
- Re: Thoughts about DNS... Thomas H. Ptacek (Apr 26)
- Re: Thoughts about DNS... Illuminati Primus (Apr 26)
- Re: Thoughts about DNS... Thomas H. Ptacek (Apr 27)
- BIND ID Brute Force Fix Illuminati Primus (Apr 27)
- Re: Thoughts about DNS... Illuminati Primus (Apr 27)
- Re: Thoughts about DNS... Thomas H. Ptacek (Apr 27)
- Re: Thoughts about DNS... Illuminati Primus (Apr 26)
- Re: CPSN 4-970424: Possible buffer overflow in pop3d George Staikos (Apr 26)
- <Possible follow-ups>
- Re: CPSN 4-970424: Possible buffer overflow in pop3d Andy Church (Apr 28)