Full Disclosure mailing list archives

Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability

From: Rishi Pande <rpande () vt edu>
Date: Tue, 8 Jul 2003 17:43:59 -0400

Hello,

With regards to the above vulnerability, I tested 3 Machines (1: G4450 & 2: Dual G4 1.2G) They all had the mentioned screen savervulnerability.However, a work-around solution is if you use "Key-chain access" andlock screen instead of using the "hot-spot" method. The end effects arethe same using both but the buffer overflow is avoided using the formermethod.

                Hope this helps.
                                                        Regards,
                                                        Rishi Pande

P.S. To get to Key Chain -

Desktop->Hard Drive->Applications->Utilities->Key-chainaccess->View->Show Status in MenuBar->Lock Screen


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability Rishi Pande (Jul 08)
- Re: Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability petard (Jul 08)
  - woops!!! Re: Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability Rishi Pande (Jul 08)