[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a1aaf36e0706050205t70e60443y2db9ef7e2a034e70@mail.gmail.com>
Date: Tue, 5 Jun 2007 11:05:43 +0200
From: "Lolek of TK53" <lolek1337@...glemail.com>
To: "Christian Khark Lauf" <full-disclosure@...rkerlake.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: screen 4.0.3 local Authentication Bypass
Hi,
On 6/4/07, Christian Khark Lauf <full-disclosure@...rkerlake.net> wrote:
> >> Screen asks for a Password to unlock the screen.
> >> Just press ctrl+c and it displays "Getpass error".
> >> 2 seconds later the screen is unlocked and you`ve access.
> > I can't reproduce this on either Mac OS X (screen 4.00.03) or
> > Debian (screen 4.00.02) ...
>
> So goes here. Debian Etch, Screen version 4.00.03 (FAU) 23-Oct-06.
> But maybe it's because I have a password directive in my .screenrc
> (You need to enter a password if you want to resume the session via
> screen -r <name>)
Before every list member tests this and writes a mail because of a
configuration issue or a stupid patch introduces by OpenBSD, show us
some code that proves the claim.
Cheers
Lolek
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists