|
|
Subscribe / Log in / New account

screen: privilege escalation

Package(s):screen CVE #(s):CAN-2003-0972
Created:November 28, 2003 Updated:March 3, 2004
Description: According to this advisory a buffer overflow in GNU screen allows privilege escalation for local users. Usually screen is installed either setgid-utmp or setuid-root.

It also has some potential for remote attacks or getting control of another user's screen. The problem is that you have to transfer around 2-3 gigabytes of data to user's screen to exploit this vulnerability. 4.0.1, 3.9.15 and older versions are vulnerable.

Alerts:
SCO Group CSSA-2004-011.0 screen 2004-03-02
Fedora-Legacy FLSA:1187 screen 2004-01-26
Conectiva CLA-2004:809 screen 2004-01-20
Debian DSA-408-1 screen 2004-01-05
Mandrake MDKSA-2003:113 screen 2003-12-08
OpenPKG OpenPKG-SA-2003.050 screen 2003-11-28
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds