Paketname
screen
Datum
2003-12-08
Advisory ID
MDKSA-2003:113
Betroffene Versionen
9.2 amd64 , CS2.1 x86_64 , CS2.1 i586 , 9.2 i586 , 9.0 i586 , 9.1 i586 , MNF8.2 i586 , 9.1 i586

Problembeschreibung

A vulnerability was discovered and fixed in screen by Timo Sirainen who found an exploitable buffer overflow that allowed privilege escalation. This vulnerability also has the potential to allow attackers to gain control of another user's screen session. The ability to exploit is not trivial and requires approximately 2GB of data to be transferred in order to do so. Updated packages are available that fix the vulnerability.

Aktualisierte Pakete

9.2 amd64

 8c78f40deae7be8ccee172361fb71176  amd64/9.2/RPMS/screen-3.9.15-2.1.92mdk.amd64.rpm
4d078d5d3b28c417a51e3a8bfe622f45  amd64/9.2/SRPMS/screen-3.9.15-2.1.92mdk.src.rpm

CS2.1 x86_64

 bf60dabe82228d7f879c1fa232df2e20  x86_64/corporate/2.1/RPMS/screen-3.9.11-4.1.C21mdk.x86_64.rpm
54336329e042b03ebca3c00ca0a1f0c3  x86_64/corporate/2.1/SRPMS/screen-3.9.11-4.1.C21mdk.src.rpm

CS2.1 i586

 757d420f6d823e26a487eff794490bbe  corporate/2.1/RPMS/screen-3.9.11-4.1.C21mdk.i586.rpm
54336329e042b03ebca3c00ca0a1f0c3  corporate/2.1/SRPMS/screen-3.9.11-4.1.C21mdk.src.rpm

9.2 i586

 656ca2f3bf4796052972997c214d7909  9.2/RPMS/screen-3.9.15-2.1.92mdk.i586.rpm
4d078d5d3b28c417a51e3a8bfe622f45  9.2/SRPMS/screen-3.9.15-2.1.92mdk.src.rpm

9.0 i586

 2ed29228596116d87146cb2f1eb75ad3  9.0/RPMS/screen-3.9.11-4.1.90mdk.i586.rpm
db59e945ca7dabc7d81df3388566feb9  9.0/SRPMS/screen-3.9.11-4.1.90mdk.src.rpm

9.1 i586

 4d1ce0bb5f0b8335b9f3da4520280fdb  9.1/RPMS/screen-3.9.13-2.1.91mdk.i586.rpm
025da8fcc964f065afb0c51d2716d472  9.1/SRPMS/screen-3.9.13-2.1.91mdk.src.rpm

MNF8.2 i586

 c4b0b5a690692dac14eaeb8590fe2d8f  mnf8.2/RPMS/screen-3.9.11-4.1.M82mdk.i586.rpm
9a363746316958e58a843f4d838b0cf0  mnf8.2/SRPMS/screen-3.9.11-4.1.M82mdk.src.rpm

9.1 i586

 b8570b8b63461c8f444dcdbe2c4f6e99  ppc/9.1/RPMS/screen-3.9.13-2.1.91mdk.ppc.rpm
025da8fcc964f065afb0c51d2716d472  ppc/9.1/SRPMS/screen-3.9.13-2.1.91mdk.src.rpm

Referenzen