Rated as : High Risk
_ _ _____ _ ___ _____ _ _
/ / / / ____/ / / _/_ __/ / / /
/ /_/ / __/ / / / / / / / /_/ /
/ __ / /___/ /____/ / / / / __ /
/_/ /_/_____/_____/___/ /_/ /_/ /_/
Helith - 0815
--------------------------------------------------------------------------------
Author: Rembrandt
Date: Known since somewhere in &cant_remember
Affected Software: screen <= 4.0.3
Type: Local
Type: Authentication Bypass
Greets go to: Helith and all affiliated People, t3c0, levent, str0ke,
hdm, The EOF-Crew, rrlf, herm1t, Solar Designer, softxor,
Packetstorm, FeFe, kscope, Zarathu, f0rg3, Mr. Joern Alles
Disrespect goes to: A Bank [/]
And others included into this case...
Personal note: I wanna get MY STUFF BACK!
This is the last "diplomatic" attemp made
directly.
Contact me if you`re interested into a deescalation.
Nobody is interested into making the things even more
complicated
or? So make your choice. And you better hurry...
And this is no blackmailing attemp but others may decide
for you
if you don`t do it.
IMPORTENT: Turn your brain "ON" this time.
--------------------------------------------------------------------------------
I didn`t found a Adv. related to this so I decided to write one. :]
screen is vulnerable to a authentication bypass which allows local
attackers
to gain system access in case screen was locked with a Password.
It has been tested on OpenBSD 4.1 + screen 4.0.3 on x86.
How to reproduce:
Lock screen using ctrl+x
Choose a Password
Confirm the Password
Screen asks for a Password to unlock the screen.
Just press ctrl+c and it displays "Getpass error".
2 seconds later the screen is unlocked and you`ve access.
Have fun!
securitydot.net - 2007-06-04
|