Hi, On 6/4/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Please take a look at the Attachement dear List moderator. :) ... > It has been tested on OpenBSD 4.1 + screen 4.0.3 on x86. > > How to reproduce: > > Lock screen using ctrl+x > Choose a Password > Confirm the Password > > Screen asks for a Password to unlock the screen. > Just press ctrl+c and it displays "Getpass error". > 2 seconds later the screen is unlocked and you`ve access.
This is not reproducable with screen 4.0.3 on a Linux system. Also with looking at the code of screen I can see no vulnerability in this context. Can you show some code that proves your claim? If not I suggest to get a better operating system distributor ;) Cheers Lolek of TK53 P.S. It's ctrl-a x not ctrl-x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
