Bug 212056 - (CVE-2006-4573) CVE-2006-4573 screen buffer overflow
Status: CLOSED NEXTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
Priority: low, Severity: low
Assigned To: Marcela Mašláňová
Brock Organ
http://lists.gnu.org/archive/html/scr...
public=20061023,reported=20061023,sou...
Keywords: Security
Reported: 2006-10-24 15:41 EDT by Josh Bressers
Modified: 2011-08-02 14:32 EDT (History)
Doc Type: Bug Fix
Last Closed: 2007-08-09 11:12:00 EDT


Description Josh Bressers 2006-10-24 15:41:34 EDT
From the screen-users mailing list:

    I've just released screen-4.0.3. This is not the promised next version
    with vertical split and other cool things, but just a security release
    that fixes two bugs in the utf8 combining characters handling. The
    bugs could be used to crash/hang screen by writing a special string
    to a window.

    The fixed version is (as usual) available via:

    ftp://ftp.uni-erlangen.de/pub/utilities/screen/screen-4.0.3.tar.gz

    Credits go to cstone & Rich Felker for finding the bugs.

Kees Cook of Ubuntu analysed this issue and determined that it's likely an
exploitable issue, but it's non-trivial to exploit. This will require a fair
amount of user interaction to exploit, thus the low severity.

This issue also likely affects RHEL2.1 and RHEL3.
Comment 2 Marcela Mašláňová 2006-12-11 07:38:30 EST
Solved in rawhide.
Comment 3 Marcela Mašláňová 2007-03-28 07:07:25 EDT
New version, fix bugs from comment#1
Comment 4 Marcela Mašláňová 2007-08-09 11:12:00 EDT
Please update to screen-4.0.3 and higher.
Comment 5 Josh Bressers 2011-08-02 14:32:12 EDT
Statement:

Red Hat no longer plans to fix this issue in Red Hat Enterprise Linux 4.
