Message-ID: <3F9E9D71.8060800@insecure.ws>
Date: Tue, 28 Oct 2003 17:46:41 +0100
From: kang <kang@...ecure.ws>
To: full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com
Subject: [securemac] Local vulnerability: MacOSX Screensaver locking bypass.



      Mac OS X 10.3 Panther Screen Lock Bypass

*Advisory Title*: Keys Getting Past Panther Screen Lock
*Release Date*: 2003 October 28
*Affected Product*: Mac OS X 10.3 Build 7B85
*Severity*: Low
*Impact*: Security Bypass
*Where*: Local System
*Author*: CodeSamurai (codesamurai@....com)

*VULNERABILITY*
With access to the keyboard, an unauthorized user can access the 
currently active screen-locked user environment. However, there is only 
a relatively small window of time in which the key events get through; 
completing complicated operations at the keyboard has proven to be 
highly tedious in actual practice thus far.

*EXPLOIT*
With the screen effect active, keys pressed before the authentication 
window appears will be sent to the general user environment.

*PRACTICAL TESTS*
Tested Examples:
- An open word processing document can be typed in.
- Shortcut operations via the keyboard are executed.
- New windows can be spawned.
- New folders can be created in the Finder.
- Switching between running applications is possible.
- One can navigate through the file system and launch applications.
- Terminal was launched and a binary was executed from the command line.

*CONCLUSION*
Although the potential risk due to malicious intent via this 
vulnerability is obvious, tentatively it appears that in real-world 
practicality, the impact will most likely be statistically small. (But a 
chain is only as strong as its weakest link.)

*SecureMac Notes*: For a first-time user, actually executing anything 
useful before the screen lock appears is hard. A user who practices, 
knows where items are stored, and can quickly move around with the 
keys could change information or even disable authentication and gain 
access to the desktop.


Full advisory is available here:
http://www.securemac.com/macosx-screenlock-bypass.php



