Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Jan 2014 17:25:00 -0500 (EST)
From: cve-assign@...re.org
To: guido+openwall.com@...hoerster.name
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>it is trivial to crash
>lightdm-gtk-greeter by entering an empty username due to a NULL
>pointer dereference. When a greeter crashes the lightdm daemon
>exits.
>This constitutes a local denial of service which can be triggered
>by any unprivileged attacker requiring the intervention of an
>administrator to restart lightdm.

Use CVE-2014-0979.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSzH5JAAoJEKllVAevmvms9wIH/A9WdJzXAHd/GFVKWdl95xKZ
knswD8xFptO9IIII1M8Du/eDomM0CU3fZHzgBBxtJYfCP1WZc7c7a0RG791FpWDh
VMF7DeB8Kd18J9uqzQSBnZOaEtjpJHbAM8eRDjoG/MgUAzkYixTwg4lVk41mOl/l
rymq3vTVgIFBHJfwQRKgxl/MlHc0qxWqC9ahw68Xg9jTsTkU1uXBVo8o3+Gr6I6b
5F4fmtAl5c3uiX570TGj03vt8mK9NTYqwwfprin9jH+SPaQZhsBb5jUQLF+SK1qD
KWGWNJiwg4OUHHOmAOcRBtA4LckXaxCXceUN196QjIJmlHPtoSjXZ/ZngTAGUOw=
=x4LB
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.