Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to invalid salts.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
xlockmore 空指针逆向引用拒绝服务漏洞
Vulnerability Description
xlockmore是软件开发者David Bagley所维护的一套X-Windows锁屏软件。 xlockmore 5.42及之前版本的‘checkPasswd’和‘checkGroupXlockPasswds’函数中存在安全漏洞,该漏洞源于程序没有正确处理glibc中的‘crypt’函数。攻击者可利用该漏洞造成拒绝服务(空指针逆向引用和崩溃),绕过屏幕锁。
CVSS Information
N/A
Vulnerability Type
N/A