|The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.|
xlockmore: unlocking via dclock
Synthesis of the vulnerability
When the screen is locked with the dclock/random mode of xlockmore, it can stop on some systems, so a local attacker can access to user's session.
Impacted products: Fedora, NetBSD, Unix (platform) ~ not comprehensive.
Creation date: 18/10/2012.
Identifiers: BID-56169, CVE-2012-4524, FEDORA-2012-16485, FEDORA-2012-16490, VIGILANCE-VUL-12082.
Description of the vulnerability
The xlockmore program locks the screen of an X session.
It also displays a screen saver indicated by the "-mode" parameter:
- coral: coral reef
- dclock: digital clock
- eyes: eyes following an object
The "random" mode periodically changes the mode.
The modes/dclock.c file implements the dclock mode. It uses the "long" C type to store the time. However, on a recent 32 bit system (such as NetBSD 6.0), the time_t is stored on 64 bits. An invalid pointer is then used, which stops xlockmore.
The victim can then lock his screen in mode "random", which will call the mode "dclock" a few minutes later, and stop.
When the screen is locked with the dclock/random mode of xlockmore, it can therefore stop on some systems, so a local attacker can access to user's session.
Complete Vigil@nce bulletin.... (free trial)
Computer vulnerabilities tracking service
Vigil@nce provides computer vulnerability bulletins. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.