10 matches found
CVE-2016-6866
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...
CVE-2016-6866
CVE-2016-6866 affects the screen-locker slock. A null pointer dereference can occur when verifying a password for a user with an invalid shadow hash entry, caused by calling crypt(3) and using its return value in strcmp(3) without checking for NULL. This can lead to a crash and potential local im...
CVE-2016-6866
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...
Fedora Update for slock FEDORA-2016-1b7e66c08b
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201611-21] slock: access restriction bypass
Arch Linux Security Advisory ASA-201611-21 ========================================== Severity: Medium Date : 2016-11-21 CVE-ID : CVE-2016-6866 Package : slock Type : access restriction bypass Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package slock before...
Fedora 25 : slock (2016-1b7e66c08b)
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
MGASA-2016-0308 Updated slock packages fix security vulnerability
The slock utility is susceptible to crash when verifying a password for a user without a valid shadow hash entry CVE-2016-6866...
Fedora 24 : slock (2016-985b68721b)
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
Fedora 23 : slock (2016-7e817cbf55)
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
[SECURITY] [DLA 598-1] suckless-tools security update
Package : suckless-tools Version : 38-2+deb7u1 CVE ID : CVE-2016-6866 It was discovered that the slock screen locking tool would segfault when the users account had been disabled. slock called crypt3 and used the return value for strcmp3 without checking to see if the return value of crypt3 was a...