• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Solaris 8 dtscreen Authentication Bypass Vulnerability

Solaris 8 ships with CDE utilities, including dtscreen which provides screen saver functionality, and dtsession which may lock the terminal when invoking dtscreen.

Reportedly, a physically local user may cause the screen saver process to crash and dump core. If this is accomplished, the current session will be available, granting local access as the authenticated user. This may be accomplished by rapidly pressing the 'Shift' and 'Return' keys.