|Category:||Conectiva Local Security Checks|
|Title:||Conectiva Security Advisory CLA-2004:809|
|Summary:||Conectiva Security Advisory CLA-2004:809|
The remote host is missing updates announced in
Screen is a program which allows the use of several sessions
inside a single terminal.
Timo Sirainen reported a buffer overflow vulnerability in the
screen package which could be exploited by an attacker who is able to
send about 2Gb of data to the user's screen session.
Additionally, a fix for a potential problem with window sizes has
been incorporated in these updated packages.
Please note that screen is not installed setuid/setgid.
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'
Risk factor : Critical
Common Vulnerability Exposure (CVE) ID: CVE-2003-0972|
Bugtraq: 20031127 GNU screen buffer overflow (Google Search)
Debian Security Information: DSA-408 (Google Search)
Conectiva Linux advisory: CLA-2004:809
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.