mailing list archives
Re: screen 4.0.3 local Authentication Bypass
From: Alexander Klink <a.klink () cynops de>
Date: Mon, 4 Jun 2007 10:14:58 +0200
On Mon, Jun 04, 2007 at 05:36:31AM +0200, rembrandt () jpberlin de wrote:
It has been tested on OpenBSD 4.1 + screen 4.0.3 on x86.
How to reproduce:
Lock screen using ctrl+x
I guess you mean Ctrl+a+x?
Choose a Password
Confirm the Password
Screen asks for a Password to unlock the screen.
Just press ctrl+c and it displays "Getpass error".
2 seconds later the screen is unlocked and you`ve access.
I can't reproduce this on either Mac OS X (screen 4.00.03) or
Debian (screen 4.00.02) ...
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/