similar to: Overflow in xlock (fwd)

Displaying 20 results from an estimated 100 matches similar to: "Overflow in xlock (fwd)"

1996 Dec 15
0
vixie-crontab for redhat linux
/* vixie crontab buffer overflow for RedHat Linux * * I dont think too many people know that redhat uses vixie crontab. * I didn''t find this, just exploited it. * * * Dave G. * <daveg@escape.com> * http://www.escape.com/~daveg * * */ #include <stdio.h> #include <sys/types.h> #include <stdlib.h> #include <fcntl.h> #include <unistd.h> #define
1997 May 14
4
cxterm buffer overrun
cxterm is a Chinese terminal emulator for the X Window System. It''s installed as suid-root by default if you did a make install. Just like xterm, it does needs to be suid to update /etc/utmp...blahblah... I discovered some buffer overflow bugs in it. The code attached below is the exploit. Quick fix? chmod -s /path/cxterm
2000 Aug 28
0
FreeBSD Ports Security Advisory: FreeBSD-SA-00:44.xlockmore
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:44 Security Advisory FreeBSD, Inc. Topic: xlockmore port allows reading of password file Category: ports Module: xlockmore Announced:
1997 Sep 26
3
Forwarded mail....
I was surprised to see that this hadn't made it to the samba list yet. Note I have not spent any time trying to confirm validity. ---------- Forwarded message ---------- Date: Fri, 26 Sep 1997 00:21:55 +0200 From: root <root@ADM.KIX-AZZ.ORG> To: BUGTRAQ@NETSPACE.ORG /* ___ ______ _ _ / \ | _ \ | \ / |
2009 Mar 26
0
Processed: updating submitter e-mail address
Processing commands for control at bugs.debian.org: > # changing bug submitter e-mail address from > # dkg-debian.org at fifthhorsemannet to > # dkg at fifthhorseman.net for consolidation > submitter 318123 ! Bug#318123: [CVE-2006-0061] xlockmore: xlock segfaults with libpam-opensc, returns to user session Changed Bug submitter from Daniel Kahn Gillmor <dkg-debian.org at
1997 Mar 31
1
Re: X-Windows security hole?
Roman Garcia wrote: > > Hi, > Maybe I found a hole in the security on Linux running X-Windows. > Supose that you logged as root. If you locks the screen (at least > using openwindows+virtual desktop and xlock), anybody can press > <Ctrl><Alt><Backspace>, that kills the xserver, giving the root > prompt in the console. You can disable this in the XF86Config
2003 May 21
1
linux problems
Hi, I am facing two problems in Linux , if you can help me with these. 1. I have to generate keyboard /mouse interrupt from my program which xlock can recognize so that prompt will appear on it. The interrupt will be generated from a program running at the background. It is required in my project. 2. I have started a program in /usr/bin/startkde, which was necessary at that time only, has
2008 Jan 18
0
xscreensaver lock problem resolved!
Hello to all: I'd like to thank everyone who offered insight to why xscreensaver lock wasn't working. Just this morning I performed a last-minute search, based on some leads, of possible pam configuration issues. One URL that popped up via google was http://www.kernel.org/pub/linux/libs//pam/FAQ Q9 contained a lead to make `which xlock` setuid root (chmod +s). I did this for
1997 Nov 13
0
another buffer overrun in sperl5.003
Summary: Any user can gain root privileges on a Intel Linux system with suidperl 5.003 (having the suid bit, of course) even if "SUIDBUF" and "two suidperl security patches" have been applied. Non-Intel / non-Linux platforms may be affected as well. Quick fix: chmod u-s /usr/bin/sperl5.003 (what else?) Details: There is a nasty bug in mess() (util.c): it is possible to
2013 Mar 25
1
Bug#703936: logcheck-database: SSH Bad Protocol Version Idenitifcation Rule is incomplete
Package: logcheck-database Version: 1.3.13 Severity: normal The rule for SSH ignoring "Bad protocol version identification" assumes there are no single quotes inside the version string ('[^']'). I am however getting mails including those lines: Mar 25 22:57:04 Debian-60-squeeze-64-minimal sshd[12144]: Bad protocol version identification
2010 May 25
1
Bug#583155: logcheck-database: Please create rules for amavis(d-new)
Package: logcheck-database Version: 1.3.8 Severity: wishlist HI, can you please create a rule/some rules for amavis(d-new). I get for every mail this mesage: May 25 19:55:40 data amavis[9603]: (09603-15) Passed CLEAN, [::1] [213.165.64.22] <xxx at yyy.zz> -> \ <aaa at localhost>, Message-ID: <20100525175015.29677page1 at mx002.bbb.ccc>, mail_id: MM7upJv6se1Z, \ Hits:
2011 Jul 02
1
Bug#632471: logcheck-database: spamd child cleanup message broken after upgrade to squeeze
Package: logcheck-database Version: 1.3.13 Severity: normal Tags: patch After upgrading to debian squeeze I get several messages a day in the form of: Jul 2 15:05:15 hostname spamd[21286]: spamd: handled cleanup of child pid [28609] due to SIGCHLD: exit 0 This is due to an update in spamd, that makes the message more detailed (includes exit code)[1]. Therefore messages including exit code 0
1998 Feb 04
0
An old ld-linux.so hole
Section I. Overview Hello, About a half year ago there was some rumour on bugtraq concerning a buffer overflow in Linux dynamic linkers, ld.so and ld-linux.so. You can take a look at the beginning of the thread at http://www.geek-girl.com/bugtraq/1997_3/0089.html to refresh old memories; I''ll capitalize anyway. Briefly, there exists a buffer overrun in ld-linux.so versions 1.7.14,
2015 Jun 26
0
Wine release 1.7.46
The Wine development release 1.7.46 is now available. What's new in this release (see below for details): - Improvements in the BITS file transfer service. - Still more progress on DirectWrite implementation. - Support for shared user data on 64-bit. - Various C++ runtime improvements. - Some more support for the 64-bit ARM platform. - Various bug fixes. The source is available
2018 Mar 14
0
truncation/rounding bug with write.csv
My apologies for not including sessionInfo(), and I'm a bit angry at myself for that. Retrying in a fresh session of R, I get different results. More specifically, I get the expected result where accuracy is the same in the first and the last line. As I didn't include my sessionInfo() in my previous mail, I can't figure out why I now have a different result. So I'm positive
2003 Mar 31
1
HEADSUP: XFree86 4.3.0 update
On Tue, 18 Mar 2003 11:55, Daniel O'Connor wrote: > On Tue, 2003-03-18 at 02:54, Fred Clift wrote: > This is interesting because I had a crash with Mozilla which only > stopped when I built WITHOUT_XFT. > > I have updated fontconfig, freetype etc.. with no luck :( Not sure I replied to this but.. The solution was that I had a font directory X knew about but not fontconfig :(
2018 Feb 06
0
"make check" test-hash-method bus error (Sparc alignment)
Hi there, when doing "make check" for a 2.3.0 build on Solaris Sparc I get a bus error due to an alignment issue. It seems the error is only happening during testing, because in the official API it was fixed in https://github.com/dovecot/core/commit/d8361cc8576d9ede93a037f9b96f2a3f9b7e9054#diff-2ff53ae0e00a90ee20d648229ad91d2b But the tests use hand written test vectors, that are
2018 Mar 14
0
truncation/rounding bug with write.csv
What OS are you on? On Ubuntu 17.10 with R 3.4.3 all seems well (see below for your example, I just added a setwd()). [ That said, I long held a (apparently minority) view that csv is for all intends and purposes a less-than-ideal format. If you have that much data, you do generally not want to serialize it back and forth as that is slow, and may drop precision. The rds format is great for R
2010 Mar 09
0
error with adaboost: replacement has 186 rows, data has 62
Hi, all, When running > AB.fit=adaboost(ylearn, xlearn, xtest, presel=0) I got the following error: Error in `[[<-.data.frame`(`*tmp*`, preds, value = c(4L, 6L, 6L, 6L, 3L, : replacement has 186 rows, data has 62 The data structure is attached below: [1] "ylearn" [1] 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 [40] 1 1 1 1 1 1 1 0
2009 Aug 24
0
R survival package error message - bug?!
Dear all, I have encountered a weird behaviour in R survival package which seems to me to be a bug. The weird behaviour happens when I am using 100 variables in the ridge function when calling coxph with following formula Surv(time = futime, event = fustat, type = "right") ~ ridge(X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X12, X13, X14, X15, X16, X17, X18, X19, X20, X21, X22,