List: kde-devel
Subject: Re: Security flaw in klock (fwd)
From: Mosfet <mosfet () jorsm ! com>
Date: 1999-06-24 0:30:00
Yes, it is rather interesting that these guys would post bug reports everywhere
but the kde or kde-user lists. Oh well, what do you expect?
On Wed, 23 Jun 1999, you wrote:
> Typical RedHat crap, this exploit was apparently sent to BugTraq before
> anyone could post about it to kde-devel or the like. Perhaps a security
> mailing list is in order. Or a dunce cap for RH and crew.
>
> - alex
>
> ---------- Forwarded message ----------
> Date: Wed, 23 Jun 1999 19:18:17 -0400
> From: Matt Wilson <msw@redhat.com>
> To: garbanzo@hooked.net
> Subject: Re: Security flaw in klock
>
> ----- Forwarded message from Matt Wilson <msw@redhat.com> -----
>
> Message-ID: <19990623190903.I6066@devserv.devel.redhat.com>
> Date: Wed, 23 Jun 1999 19:09:03 -0400
> From: Matt Wilson <msw@redhat.com>
> To: BUGTRAQ@netspace.org
> Cc: Maurizio Paolini <paolini@DMF.BS.UNICATT.IT>, ettrich@kde.org
> Subject: Re: Security flaw in klock
> References: <199906230823.KAA28861@gauss.dmf.bs.unicatt.it>
> Mime-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> X-Mailer: Mutt 0.91.1
> In-Reply-To: <199906230823.KAA28861@gauss.dmf.bs.unicatt.it>; from Maurizio Paolini on Wed, Jun 23, \
> 1999 at 10:23:26AM +0200
> Status: RO
> Content-Length: 1840
> Lines: 53
>
> I've confirmed this race. Here's the foolproof method to recreate the
> problem:
>
> 1) Run klock.
> 2) Hit <enter> at the first password prompt. klock says, "Failed".
> 3) Watch closely and count the number of times the cursor blinks.
> On my system, from the time you hit enter till the dialog disappears
> you'll have 10-11 blinks.
> 4) On or just after the 10th blink (just as the dialog would disappear),
> hit <enter>.
> 5) Poof - klock segfaults and access is granted.
>
> It may take a few tries, but I've gotten to where I can hit the
> race every time.
>
> I am able to reproduce this in the KDE RPMS that shipped in Red Hat
> Linux 6.0 and the updated RPMS released a few days ago.
>
> Digging into source now (*grumble*, yet another KDE update)...
>
> Matt Wilson
> msw@redhat.com
>
> On Wed, Jun 23, 1999 at 10:23:26AM +0200, Maurizio Paolini wrote:
> > Hello,
> > this is my first post to this list, so please forgive me if this
> > is off topic or badly formulated.
> >
> > It seems to me that anyone can take control of a local kde session
> > locked with klock (the default locking mechanism of kde).
> >
> > This was discovered by my 7-year-old son, who was just trying
> > to gain control of my session by typing randomly on the keyboard, and
> > it just involves the "backspace" key and the "enter" key, and perhaps
> > the "caps lock" key.
> >
> > It actually takes a few tries, and I don't know of a precise sequence
> > of keys. What I do is
> >
> > 1. wait for the "enter password" message.
> > 2. press the "caps lock" once or twice.
> > 3. press the "backspace" six times with different timings each try.
> > 4. press the enter key.
> >
> > After a few tries (usually five to ten...) klock dies with no message.
> >
> > If this is confirmed by someone else it seems to be a serious
> > flaw of klock (or a backdoor?)
> >
> > Thank you,
> >
> > Maurizio Paolini
> LocalWords: klock
>
> ----- End forwarded message -----
--
Daniel M. Duley - Unix developer & sys admin.
mosfet@kde.org
mosfet@jorsm.com