xlockmore User Supplied Format String Vulnerability

BID:1585

Info

xlockmore User Supplied Format String Vulnerability

Bugtraq ID: 1585
Class: Input Validation Error
CVE:
Remote: No
Local: Yes
Published: Aug 15 2000 12:00AM
Updated: Aug 15 2000 12:00AM
Credit: This vulnerability was posted to the Bugtraq mailing list by bind <[email protected]> on August 15, 2000.
Vulnerable: David Bagley xlock 4.16.1
David Bagley xlock 4.16
+ Debian Linux 2.2 sparc
 + Debian Linux 2.2 powerpc
 + Debian Linux 2.2 arm
 + Debian Linux 2.2 alpha
 + Debian Linux 2.2
+ Debian Linux 2.1 sparc
 + Debian Linux 2.1 alpha
 + Debian Linux 2.1 68k
 + Debian Linux 2.1
- FreeBSD FreeBSD 5.0 alpha
 - FreeBSD FreeBSD 5.0
- FreeBSD FreeBSD 4.0 alpha
 - FreeBSD FreeBSD 4.0
+ Mandriva Linux Mandrake 7.0
+ Mandriva Linux Mandrake 6.1
+ NetBSD NetBSD 1.4.2 x86
 + NetBSD NetBSD 1.4.2 SPARC
 + NetBSD NetBSD 1.4.2 Alpha
 + NetBSD NetBSD 1.4.1 x86
 + NetBSD NetBSD 1.4.1 SPARC
 + NetBSD NetBSD 1.4.1 Alpha
 + NetBSD NetBSD 1.4 x86
 + NetBSD NetBSD 1.4 SPARC
 + NetBSD NetBSD 1.4 Alpha
 - OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
+ Redhat Linux 6.2 sparc
 + Redhat Linux 6.2 i386
 + Redhat Linux 6.2 alpha
 + Redhat Linux 6.1 sparc
 + Redhat Linux 6.1 i386
 + Redhat Linux 6.1 alpha
 + Redhat Linux 6.0 sparc
 + Redhat Linux 6.0 alpha
 + Redhat Linux 6.0
- Sun Solaris 2.5.1 _x86
 - Sun Solaris 2.5.1
- Sun Solaris 8_x86
 - Sun Solaris 8_sparc
 - Sun Solaris 7.0_x86
 - Sun Solaris 7.0
 - Sun Solaris 2.6_x86
 - Sun Solaris 2.6
 + Turbolinux Turbolinux 6.0.4
+ Turbolinux Turbolinux 6.0.3
+ Turbolinux Turbolinux 6.0.2
+ Turbolinux Turbolinux 6.0.1
+ Turbolinux Turbolinux 6.0
Not Vulnerable:

Exploit / POC

xlockmore User Supplied Format String Vulnerability

xlock -d %x%x%x%x%x

If this results in a message such as:
xlock: unable to open display dfbfd958402555e1ea748dfbfd958dfbfd654.

it is likely your system is vulnerable.

exploit tested on OpenBSD 2.6 i386:

Solution / Fix

xlockmore User Supplied Format String Vulnerability

Solution:
Jeremy Buhler <[email protected]> has released a patch which eliminates this vulnerability and is now shipped with xlockmore 4.17.1 and later versions. The following is the relevant fixed code.

void
error(const char *buf)
{
#if defined( HAVE_SYSLOG_H ) && defined( USE_SYSLOG )
extern Display *dsp;

syslog(SYSLOG_WARNING, "%s", buf);
if (!nolock) {
if (strstr(buf, "unable to open display") == NULL)
syslogStop(XDisplayString(dsp));
else
syslogStop("unknown display");
closelog();
}
#else
(void) fprintf(stderr, "%s", buf);
#endif
exit(1);
}

Patches are available for Debian Linux 2.1 and 2.2.

Patches are available for the FreeBSD ports version of xlockmore.


David Bagley xlock 4.16

David Bagley xlock 4.16.1
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report