ja-xlock Local Root Compromise Vulnerability
BID:2379
Info
ja-xlock Local Root Compromise Vulnerability
| Bugtraq ID: | 2379 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 07 2001 12:00AM |
| Updated: | Feb 07 2001 12:00AM |
| Credit: | Reported to bugtraq by FreeBSD in an advisory dated February 13, 2001 |
| Vulnerable: |
xlock ja-xlock 2.7 |
| Not Vulnerable: |
xlock ja-xlock 2.7.1 |
Discussion
ja-xlock Local Root Compromise Vulnerability
A vulnerability exists in versions of ja-xklock prior to version 2.7.1.
The Japanese localized FreeBSD port of xklock, the X display locking utility, is susceptible to a buffer overflow attack.
More information on this vulnerability is currently unavailable.
A vulnerability exists in versions of ja-xklock prior to version 2.7.1.
The Japanese localized FreeBSD port of xklock, the X display locking utility, is susceptible to a buffer overflow attack.
More information on this vulnerability is currently unavailable.
Exploit / POC
ja-xlock Local Root Compromise Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
ja-xlock Local Root Compromise Vulnerability
Solution:
It is suggested by the vendor that an alternative, such as xlock or xlockmore, is used instead of the ja-xklock port.
Solution:
It is suggested by the vendor that an alternative, such as xlock or xlockmore, is used instead of the ja-xklock port.
References
ja-xlock Local Root Compromise Vulnerability
References:
References: