The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability announce CVE-2012-4524

xlockmore: unlocking via dclock

Synthesis of the vulnerability

When the screen is locked with the dclock/random mode of xlockmore, it can stop on some systems, so a local attacker can access to user's session.
Impacted products: Fedora, NetBSD, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Creation date: 18/10/2012.
Identifiers: BID-56169, CVE-2012-4524, FEDORA-2012-16485, FEDORA-2012-16490, VIGILANCE-VUL-12082.

Description of the vulnerability

The xlockmore program locks the screen of an X session.

It also displays a screen saver indicated by the "-mode" parameter:
 - coral: coral reef
 - dclock: digital clock
 - eyes: eyes following an object
 - etc.
The "random" mode periodically changes the mode.

The modes/dclock.c file implements the dclock mode. It uses the "long" C type to store the time. However, on a recent 32 bit system (such as NetBSD 6.0), the time_t is stored on 64 bits. An invalid pointer is then used, which stops xlockmore.

The victim can then lock his screen in mode "random", which will call the mode "dclock" a few minutes later, and stop.

When the screen is locked with the dclock/random mode of xlockmore, it can therefore stop on some systems, so a local attacker can access to user's session.
Complete Vigil@nce bulletin.... (free trial)

Computer vulnerabilities tracking service

Vigil@nce provides computer vulnerability bulletins. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.