[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Xorg 1.11 screen locking vulnerability

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Xorg 1.11 screen locking vulnerability
From: James Andrews <jamie@xxxxxxxxxxxx>
Date: Mon, 23 Jan 2012 09:10:13 +0000
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx

The effected version of X11 is only in the more "bleeding edge" distributions like Debian testing

If you are running this kind of stuff then you should expect these kind of problems on a regular basis

Should you be using it in an environment where "security really matters"? No

So this shouldn't really be a big issue. Quite amusing though

On 23 January 2012 00:11, bad apple <ifindthatinteresting@xxxxxxxxx> wrote:

I know this isn't a security mailing list but this is a seriously
low-hanging fruit...

http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/

Fixed in most distros already, but some are still wide open.

In a nutshell, any locked screen (xscreensaver, etc) can be bypassed
with crtl+alt+*

Oops!

Regards,

Mat

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

References:
- [LUG] IPv6
  - From: Neil Winchurst
- Re: [LUG] IPv6
  - From: Gordon Henderson
- Re: [LUG] IPv6
  - From: Grant Phillips-Sewell
- Re: [LUG] IPv6
  - From: Neil Winchurst
- [LUG] Xorg 1.11 screen locking vulnerability
  - From: bad apple

Prev by Date: Re: [LUG] IPv6
Next by Date: Re: [LUG] Xorg 1.11 screen locking vulnerability
Previous by thread: [LUG] Xorg 1.11 screen locking vulnerability
Next by thread: Re: [LUG] Xorg 1.11 screen locking vulnerability
Index(es):
- Date
- Thread