Published: 20/03/2017 Updated: 24/08/2020

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 643

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

GNU screen prior to 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu screen

Debian Bug report logs - #852484 screen: CVE-2017-5618: Privilege escalation in Screen 450 Package: screen; Maintainer for screen is Axel Beckert <abe@debianorg>; Source for screen is src:screen (PTS, buildd, popcon) Reported by: Axel Beckert <abe@debianorg> Date: Tue, 24 Jan 2017 21:39:02 UTC Severity: grave Ta ...

GNU screen before 451 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions ...

CWE-863 https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html http://www.securityfocus.com/bid/95873 http://www.openwall.com/lists/oss-security/2017/01/29/3 http://savannah.gnu.org/bugs/?50142 http://git.savannah.gnu.org/cgit/screen.git/tree/src/ChangeLog?h=v.4.5.1 http://git.savannah.gnu.org/cgit/screen.git/patch/?id=1c6d2817926d30c9a7a97d99af7ac5de4a5845b8 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852484 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-5618

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect