The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mac_os_x | Apple | 10.2 (including) | 10.2 (including) |
| Mac_os_x | Apple | 10.2.1 (including) | 10.2.1 (including) |
| Mac_os_x | Apple | 10.2.2 (including) | 10.2.2 (including) |
| Mac_os_x | Apple | 10.2.3 (including) | 10.2.3 (including) |
| Mac_os_x | Apple | 10.2.4 (including) | 10.2.4 (including) |
| Mac_os_x | Apple | 10.2.5 (including) | 10.2.5 (including) |
| Mac_os_x | Apple | 10.2.6 (including) | 10.2.6 (including) |
| Mac_os_x_server | Apple | 10.2 (including) | 10.2 (including) |
| Mac_os_x_server | Apple | 10.2.1 (including) | 10.2.1 (including) |
| Mac_os_x_server | Apple | 10.2.2 (including) | 10.2.2 (including) |
| Mac_os_x_server | Apple | 10.2.3 (including) | 10.2.3 (including) |
| Mac_os_x_server | Apple | 10.2.4 (including) | 10.2.4 (including) |
| Mac_os_x_server | Apple | 10.2.5 (including) | 10.2.5 (including) |
| Mac_os_x_server | Apple | 10.2.6 (including) | 10.2.6 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html
- http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html
- http://docs.info.apple.com/article.html?artnum=120232
- http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html
- http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html
- http://docs.info.apple.com/article.html?artnum=120232