Apologies for the incorrect info.
Rishi
On Tuesday, July 8, 2003, at 07:41 PM, petard wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
With regards to the above vulnerability, I tested 3 Machines (1: G4
450 & 2: Dual G4 1.2G) They all had the mentioned screen saver
vulnerability.
However, a work-around solution is if you use "Key-chain access" and
lock screen instead of using the "hot-spot" method. The end effects are
the same using both but the buffer overflow is avoided using the former
method.
Using your method of locking the screen, my machine (G4 1GHz, 10.2.6) is still
vulnerable. I was able to get in in under 20 seconds using the emacs shortcuts,
same as before.
Regards, petard
- -- "I say we institute [...] roving squadrons of Darren Reed clones to bore yuppie scum like this to death with the inherent merits of ipf over pf." -- Anonymous Coward, OpenBSD Journal (http://deadly.org/) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (NetBSD)
iD8DBQE/C1aOgkiZ59A0kiQRAh/bAJ9T1pddXRk3xWwWYOEgZUKavr9N0QCcCWsR TPlO0+IssU09RilIWuOvmFk= =c3KH -----END PGP SIGNATURE-----
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
