Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu screen vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and previous versions, and 3.9.15 and previous versions, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
Gnu Screen 3.9.15
Gnu Screen 3.9.4
Gnu Screen 3.9.11
Gnu Screen 3.9.13
Gnu Screen 3.9.8
Gnu Screen 3.9.9
Gnu Screen 3.9.10
Gnu Screen 4.0.1
NA
CVE-2002-1602
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.
Gnu Screen 3.9.11
Gnu Screen 3.9.4
Gnu Screen 3.9.10
Gnu Screen 3.9.8
Gnu Screen 3.9.9
1 EDB exploit
NA
CVE-2015-6806
The MScrollV function in ansi.c in GNU screen 4.3.1 and previous versions does not properly limit recursion, which allows remote malicious users to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value.
Gnu Gnu Screen
NA
CVE-2009-1215
Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.
Gnu Gnu Screen 4.0.3
2 Github repositories
9.8
CVSSv3
CVE-2020-9366
A buffer overflow was found in the way GNU Screen prior to 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.
Gnu Screen
NA
CVE-2006-4573
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen prior to 4.0.3 allows user-assisted malicious users to cause a denial of service (crash or hang) via certain UTF8 sequences.
Gnu Screen
6.5
CVSSv3
CVE-2023-24626
socket.c in GNU Screen up to and including 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.
Gnu Screen
7.8
CVSSv3
CVE-2017-5618
GNU screen prior to 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
Gnu Screen
NA
CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.
Gnu Screen 4.0.3
NA
CVE-2007-3048
GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue
Gnu Screen 4.0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »