_ _ _____ _ ___ _____ _ _ / / / / ____/ / / _/_ __/ / / / / /_/ / __/ / / / / / / / /_/ / / __ / /___/ /____/ / / / / __ / /_/ /_/_____/_____/___/ /_/ /_/ /_/ Helith - 0815 -------------------------------------------------------------------------------- Author: Rembrandt Date: Known since somewhere in &cant_remember Affected Software: screen <= 4.0.3 Type: Local Type: Authentication Bypass Greets go to: Helith and all affiliated People, t3c0, levent, str0ke, hdm, The EOF-Crew, rrlf, herm1t, Solar Designer, softxor, Packetstorm, FeFe, kscope, Zarathu, f0rg3, Mr. Joern Alles Disrespect goes to: A Bank [/] And others included into this case... Personal note: I wanna get MY STUFF BACK! This is the last "diplomatic" attemp made directly. Contact me if you`re interested into a deescalation. Nobody is interested into making the things even more complicated or? So make your choice. And you better hurry... And this is no blackmailing attemp but others may decide for you if you don`t do it. IMPORTENT: Turn your brain "ON" this time. -------------------------------------------------------------------------------- I didn`t found a Adv. related to this so I decided to write one. :] screen is vulnerable to a authentication bypass which allows local attackers to gain system access in case screen was locked with a Password. It has been tested on OpenBSD 4.1 + screen 4.0.3 on x86. How to reproduce: Lock screen using ctrl+x Choose a Password Confirm the Password Screen asks for a Password to unlock the screen. Just press ctrl+c. 2 seconds later the screen is unlocked and you`ve access. Have fun!
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论