Re: Overflow in xlock

Bollinger (troy@AUSTIN.IBM.COM)
Sun, 27 Apr 1997 09:30:53 -0500

-----BEGIN PGP SIGNED MESSAGE-----

George Staikos wrote:
>
> There appears to be an exploitable buffer overflow in xlock, the X based
> screensaver/locker. Xlock is installed suid root on machines with
> shadowed passwords. I have verified this on xlock versions on AIX 4.x

There's a temporary fix for the AIX v4 xlock available for anonymous ftp
from testcase.software.ibm.com:/aix/fromibm/xlock.overflow_fix.aix4.Z.

Checksums:

sum 01445 73 xlock.overflow_fix.aix4
sum -i 41749 73 xlock.overflow_fix.aix4
sum -o 14725 73 xlock.overflow_fix.aix4

MD5 (xlock.overflow_fix.aix4) = e5e679a73b5a28ef471751bfee67d00c

Official APARs are in progress and will be available shortly.

If there are any questions regarding this fix or any other AIX security
bug, please contact security-alert@austin.ibm.com. Sensitive
information can be encrypted using the AIX Security PGP key. To
retrieve this key send email with a subject of "get key" to
security-alert@austin.ibm.com.

- --
+---------------- I do not speak for IBM! ------------------+
|Troy Bollinger | email: troy@austin.ibm.com|
|AIX Security Development | Sometimes the old ways are best.|
+-------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBM2NjHQsPbaL1YgqvAQGnIwP9Ep9XFmNKDMgUkzJyK8c9kHKM4J76SQkU
OPE8VvWKBGu9BezomMDd/RLf9b1lxA+lW0+vQvp+cEq8DRbGnI9V2pHiZBi6ESRG
9fwkFa07Uy5+6lDsO1HXYLwpLa8JBxqgH8wonUVFABrLBdaHXs3pxwdmHD1npBKA
P4o7hGikIzk=
=0kSc
-----END PGP SIGNATURE-----