79 matches found
CVE-2001-1478
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code...
CVE-2001-0652
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long 1 XFILESEARCHPATH or 2 XUSERFILESEARCHPATH environmental variable...
NSFOCUS SA2001-05 : Solaris Xlock Heap Overflow Vulnerability
NSFOCUS Security AdvisorySA2001-05 Topic: Solaris Xlock Heap Overflow Vulnerability Release DateЈє 2001-08-10 CVE CAN ID : CAN-2001-0652 BUGTRAQ ID : 3160 Affected system: ================ Sun Solaris 2.6 SPARC/x86 Sun Solaris 7 SPARC/x86 Sun Solaris 8 SPARC/x86 Impact: ========= NSFOCUS Security...
Переполнение буфера в xlock под Solaris (buffer overflow)
переполнение кучи дает привилегии root...
Solaris 2.678 (SPARC) - xlock Heap Overflow
Solaris 2.678 SPARC - xlock Heap Overflow // source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships...
Solaris 8 - x86 xlock Heap Overflow
Solaris 8 - x86 xlock Heap Overflow // source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships with...
Solaris 8 - x86 xlock Heap Overflow
// source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships with Solaris as part of OpenWindows...
Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow
// source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships with Solaris as part of OpenWindows...
xlock.txt
Hi, I came across a nice xlock bug when i noticed i couldnt log in again as user after i "locked" my windowmaker screen. Xlock afaik is suid by default to read passwords from /etc/shadow. I removed most suidbits on my Slackware 7.1 box. Also the suidbit on my xlock has been removed. Problem: Any...
David Bagley xlock 4.16 - User Supplied Format String (2)
David Bagley xlock 4.16 - User Supplied Format String 2 // source: https://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the...
David Bagley xlock 4.16 - User Supplied Format String (2)
// source: https://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the xlock shipped with a number of popular operating systems...
Большая дырка в xlock
Перполнение буфера в сегменте данных позволяет получить доступ к данным из файла скрытых паролей...
Дырка в xlock/xlockmore
Ошибка форматной строки в имени дисплея. На некоторых системах xlock установлен как suid...
David Bagley xlock 4.16 - User Supplied Format String (1)
David Bagley xlock 4.16 - User Supplied Format String 1 // source: https://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the...
David Bagley xlock 4.16 - User Supplied Format String (1)
// source: https://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the xlock shipped with a number of popular operating systems...
CVE-2000-0455
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option...
CVE-2000-0455
CVE-2000-0455: A buffer overflow in the xlockmore xlock program (versions 4.16 and earlier) allows local users to read sensitive data from memory via a long -mode option. Affected component is xlockmore; root cause is a memory safety overrun in handling the -mode argument. Impact documented as pa...
Security Advisory 2000-003
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-003 ================================= Topic: Exploitable Vulnerability in Xlockmore Version: NetBSD pkgsrc prior to 11th May 2000. Severity: xlock can be manipulated to print the shadow password information Abstract ======== The...
[COVERT-2000-06] Initialized Data Overflow in Xlock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Network Associates, Inc. COVERT Labs Security Advisory May 29, 2000 Initialized Data Overflow in Xlock COVERT-2000-06 o Synopsis An implementation vulnerability in xlock allows global variables in the initialized data section of memory to be...
CVE-1999-0030
The CVE-1999-0030 entry concerns the xlock command on SGI IRIX where a buffer overflow can grant root privileges. The core information across connected sources confirms: (1) affected component: xlock on SGI IRIX; (2) vulnerability type: buffer overflow leading to root privileges; (3) root-level i...