Vigil@nce - XDM: denial of service via crypt
June 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can attempt to login with XDM using crypt(), in order
to trigger a denial of service.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 12/06/2013
DESCRIPTION OF THE VULNERABILITY
XDM is a graphical display manager.
This kind of program authenticates the end user before creating a
session in a desktop environment. The authentication may use PAM
or the old crypt() function. In this last case, when the account
is locked or when crypt() is not correctly called, the function
Verify() in the file greeter/verify.c dereferences a NULL pointer
returned by crypt(), which make the application halt.
An attacker can therefore attempt to login with XDM using crypt(),
in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/XDM-denial-of-service-via-crypt-12970