RSS   Vulnerabilities for 'Screen'   RSS

2021-02-09
 
CVE-2021-26937

CWE-88
 

 
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

 
2020-02-24
 
CVE-2020-9366

CWE-120
 

 
A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.

 
2017-03-20
 
CVE-2017-5618

CWE-269
 

 
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.

 
2009-04-01
 
CVE-2009-1214

CWE-264
 

 
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.

 
2007-06-05
 
CVE-2007-3048

 

 
** DISPUTED ** GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue.

 
2006-10-24
 
CVE-2006-4573

 

 
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.

 
2003-12-15
 
CVE-2003-0972

 

 
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.

 
2002-04-23
 
CVE-2002-1602

 

 
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.

 

 >>> Vendor: GNU 108 Products
INET
LIBC
Fingerd
Radius
WGET
BASH
Finger service
Gnumeric
GCC
MAKE
Emacs
Glibc
CVS
Mailman
Userv
Groff
Cfengine
Global
Privacy guard
ED
G++
Findutils
GZIP
TAR
Xemacs
Enscript
ZLIB
Sharutils
Chess
Fileutils
Flash player
GV
Screen
Data display debugger
Zebra
LSH
Libtool
Anubis
Libtasn1
FLIM
Aspell
Queue
Ksymoops
Gnats
Gettext
Mailutils
A2PS
Realtime linux security module
LESS
Gnubiff
Gnutls
Punbb
GIMP
Coreutils
CPIO
GDB
Phpbook
Texinfo
Gnump3d
Libextractor
Binutils
Libtool-ltdl
Gpgme
Gnumail
Iceweasel
Tramp
Libcdio
M4
SCCS
Grub legacy
ADNS
Ibackup
Escript
Classpath
Gnu screen
Automake
Grub 2
NANO
Gnash
Gnu patch
Eglibc
Libiberty
GREP
Libmicrohttpd
RUSH
GRUB
Readline
Patch
Parallel
Libidn
Grub2
Guile
OSIP
Gnutls libtasn1
Libssp
Ncurses
PSPP
Guixsd
Recutils
Libredwg
See all Products for Vendor GNU


Copyright 2024, cxsecurity.com

 

Back to Top