Re: Overflow in xlock

Andrew G. Morgan (morgan@PARC.POWER.NET)
Sun, 27 Apr 1997 13:13:08 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: nate: "Smashing the Stack: prevention?"
Previous message: David Hedley: "Re: Overflow in xlock"
Maybe in reply to: George Staikos: "Overflow in xlock"

George Staikos wrote:
> There appears to be an exploitable buffer overflow in xlock, the X based
> screensaver/locker. Xlock is installed suid root on machines with
> shadowed passwords. I have verified this on xlock versions on AIX 4.x and
> Linux (exploit for Linux posted below), but I cannot determine what

This is not a security problem with the xlock shipped with Red Hat linux.
Their PAM-enabled version is not setuid. In principle, xlock can also
verify a user's shadowed password in this "unprivileged" state, using the
pam_pwdb module.

Cheers

Andrew

--
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]

Next message: nate: "Smashing the Stack: prevention?"
Previous message: David Hedley: "Re: Overflow in xlock"
Maybe in reply to: George Staikos: "Overflow in xlock"