Vulnerabilities > CVE-2020-9366 - Out-of-bounds Write vulnerability in GNU Screen
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-202003-62.NASL |
description | The remote host is affected by the vulnerability described in GLSA-202003-62 (GNU Screen: Buffer overflow) A buffer overflow was found in the way GNU Screen treated the special escape OSC 49. Impact : A remote attacker, by writing a specially crafted string of characters to a GNU Screen window, could possibly corrupt memory or have other unspecified impact. Workaround : There is no known workaround at this time. |
last seen | 2020-04-04 |
modified | 2020-03-31 |
plugin id | 135017 |
published | 2020-03-31 |
reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/135017 |
title | GLSA-202003-62 : GNU Screen: Buffer overflow |
code |
|
References
- http://www.openwall.com/lists/oss-security/2020/02/25/1
- http://www.openwall.com/lists/oss-security/2020/02/25/1
- https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
- https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
- https://security.gentoo.org/glsa/202003-62
- https://security.gentoo.org/glsa/202003-62
- https://www.openwall.com/lists/oss-security/2020/02/06/3
- https://www.openwall.com/lists/oss-security/2020/02/06/3