54 matches found
CVE-2016-6866
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...
CVE-2016-6866
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...
CVE-2016-6866
CVE-2016-6866 affects the screen-locker slock. A null pointer dereference can occur when verifying a password for a user with an invalid shadow hash entry, caused by calling crypt(3) and using its return value in strcmp(3) without checking for NULL. This can lead to a crash and potential local im...
CVE-2016-6866
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash...
Fedora Update for slock FEDORA-2016-1b7e66c08b
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201611-21] slock: access restriction bypass
Arch Linux Security Advisory ASA-201611-21 ========================================== Severity: Medium Date : 2016-11-21 CVE-ID : CVE-2016-6866 Package : slock Type : access restriction bypass Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package slock before...
Fedora 25 : slock (2016-1b7e66c08b)
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
MGASA-2016-0308 Updated slock packages fix security vulnerability
The slock utility is susceptible to crash when verifying a password for a user without a valid shadow hash entry CVE-2016-6866...
Updated slock packages fix security vulnerability
The slock utility is susceptible to crash when verifying a password for a user without a valid shadow hash entry CVE-2016-6866...
Fedora 23 : slock (2016-7e817cbf55)
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
Fedora 24 : slock (2016-985b68721b)
This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...
Fedora Update for slock FEDORA-2016-985b68721b
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for slock FEDORA-2016-7e817cbf55
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 23 Update: slock-1.3-2.fc23
This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub...
[SECURITY] Fedora 25 Update: slock-1.3-2.fc25
This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub...
Debian DLA-598-1 : suckless-tools security update
It was discovered that the slock screen locking tool would segfault when the user's account had been disabled. slock called crypt3 and used the return value for strcmp3 without checking to see if the return value of crypt3 was a NULL pointer. If the hash returned by getspnam-sppwdp was invalid,...
slock null pointer reference denial of service vulnerability
Slock is configured like most other suckless.org software. A null pointer reference denial of service vulnerability exists in slock. Allowing an attacker to cause a denial of service condition...
DLA-598-1 suckless-tools - security update
Bulletin has no description...
Gentoo Security Advisory GLSA 201412-10
Gentoo Linux Local Security Checks GLSA 201412-10 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Multiple packages, Multiple vulnerabilities fixed in 2012
Background For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Description Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. EGroupware VTE Layer Four...