Published: 03/07/2012 Updated: 04/07/2012

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 231

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Integer signedness error in attach.c in dtach 0.8 allows remote malicious users to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat dtach 0.8

Debian Bug report logs - #625302 dtach: CVE-2012-3368 random text sent on window close Package: dtach; Maintainer for dtach is Stefan Völkel <bd@bc-bdorg>; Source for dtach is src:dtach (PTS, buildd, popcon) Reported by: Tom Woodward <tomwoodwardmail@gmailcom> Date: Tue, 3 May 2011 10:42:13 UTC Severity: import ...

CWE-189 http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357 https://bugzilla.redhat.com/show_bug.cgi?id=812551 http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302 https://bugzilla.redhat.com/show_bug.cgi?id=835849 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-3368

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect