Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Overflow in xlock
From: morgan () PARC POWER NET (Andrew G. Morgan)
Date: Sun, 27 Apr 1997 13:13:08 -0700

George Staikos wrote:
There appears to be an exploitable buffer overflow in xlock, the X based
screensaver/locker.  Xlock is installed suid root on machines with
shadowed passwords.  I have verified this on xlock versions on AIX 4.x and
Linux (exploit for Linux posted below), but I cannot determine what

This is not a security problem with the xlock shipped with Red Hat linux.
Their PAM-enabled version is not setuid.  In principle, xlock can also
verify a user's shadowed password in this "unprivileged" state, using the
pam_pwdb module.


               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]