Full Disclosure mailing list archives
woops!!! Re: Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability
From: Rishi Pande <rpande () vt edu>
Date: Tue, 8 Jul 2003 20:05:27 -0400
You are right, the e-macs technique works on my I-book. I tried the good old "keyboard mash for 5 minutes" on the G4 desktops and that didn't work. I will try it again tomorrow morning.
Apologies for the incorrect info. Rishi On Tuesday, July 8, 2003, at 07:41 PM, petard wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1With regards to the above vulnerability, I tested 3 Machines (1: G4 450 & 2: Dual G4 1.2G) They all had the mentioned screen saver vulnerability. However, a work-around solution is if you use "Key-chain access" andlock screen instead of using the "hot-spot" method. The end effects are the same using both but the buffer overflow is avoided using the formermethod.Using your method of locking the screen, my machine (G4 1GHz, 10.2.6) is still vulnerable. I was able to get in in under 20 seconds using the emacs shortcuts,same as before. Regards, petard - -- "I say we institute [...] roving squadrons of Darren Reed clones to bore yuppie scum like this to death with the inherent merits of ipf over pf." -- Anonymous Coward, OpenBSD Journal (http://deadly.org/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (NetBSD) iD8DBQE/C1aOgkiZ59A0kiQRAh/bAJ9T1pddXRk3xWwWYOEgZUKavr9N0QCcCWsR TPlO0+IssU09RilIWuOvmFk= =c3KH -----END PGP SIGNATURE-----
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability Rishi Pande (Jul 08)
- Re: Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability petard (Jul 08)
- woops!!! Re: Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability Rishi Pande (Jul 08)
- Re: Work-around solution to : Apple Mac OS X Screen Saver Password Prompt Buffer Overflow Vulnerability petard (Jul 08)