Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE Request - xlockmore 5.43 fixes a security flaw
From: "mancha" <mancha1 () hush com>
Date: Tue, 16 Jul 2013 19:18:07 +0000

Hello Kurt, vendors, et al.

xlockmore 5.43 released 2 days ago with a fix for a security
flaw related to potential NULL pointer dereferences when
authenticating via glibc 2.17+ crypt() and OSF/1 C2 security's
dispcrypt().

Under certain conditions the NULL pointers can trigger a crash
in xlockmore effectively bypassing the screen lock.

[1] http://www.tux.org/~bagleyd/xlock/xlockmore.README

--mancha


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault