[16302] in bugtraq
Re: xlock vulnerability
daemon@ATHENA.MIT.EDU (Thomas Biege)
Fri Aug 18 21:49:30 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0008180847010.30508-100000@Galois.suse.de>
Date: Fri, 18 Aug 2000 08:55:02 +0200
Reply-To: Thomas Biege <thomas@SUSE.DE>
From: Thomas Biege <thomas@SUSE.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,
AFAIK xlock dropps it's priv's permanently on linux before this bug
happens.
I could be wrong, because the code includes alot of #ifdef, #else, #endif
statements and I made an failure in parsing them. :(
On SuSE Linux xlock is setgid shadow, so all an attacker gains by
exploiting this bug is read access to /etc/shadow.... weak passwords is
another problem. ;)
nevertheless, we fixed it and the RPMs will be available ASAP.
Have a nice weekend.
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas@suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
