[16271] in bugtraq
xlock vulnerability
daemon@ATHENA.MIT.EDU (bind)
Wed Aug 16 13:45:01 2000
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="J2SCkAp4GZ/dPZZf"
Content-Disposition: inline
Message-Id: <20000815231724.A14694@subterrain.net>
Date: Tue, 15 Aug 2000 23:17:24 -0700
Reply-To: bind <bind@SUBTERRAIN.NET>
From: bind <bind@SUBTERRAIN.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
--J2SCkAp4GZ/dPZZf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hello,
A format bug exists in all X11R6 xlock's handling of the display ('-d') option.
(bind@cassius ~) $ xlock -d %x%x%x%x%x
xlock: unable to open display dfbfd958402555e1ea748dfbfd958dfbfd654.
Systems that we tested that were vulnerable included OpenBSD 2.7, FreeBSD
4.1 and Slackware 7.1.
The patch is attached.
-bind
--J2SCkAp4GZ/dPZZf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="xlock.c.diff"
--- xlock.c Tue Aug 15 23:10:32 2000
+++ xlock-patched.c Tue Aug 15 23:03:22 2000
@@ -944,7 +944,7 @@ error(const char *buf)
#if defined( HAVE_SYSLOG_H ) && defined( USE_SYSLOG )
extern Display *dsp;
- syslog(SYSLOG_WARNING, buf);
+ syslog(SYSLOG_WARNING,"%s", buf);
if (!nolock) {
if (strstr(buf, "unable to open display") == NULL)
syslogStop(XDisplayString(dsp));
@@ -953,7 +953,7 @@ error(const char *buf)
closelog();
}
#else
- (void) fprintf(stderr, buf);
+ (void) fprintf(stderr,"%s", buf);
#endif
exit(1);
}
--J2SCkAp4GZ/dPZZf--
