GNU screen prior to 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
Debian Bug report logs -
#852484
screen: CVE-2017-5618: Privilege escalation in Screen 450
Package:
screen;
Maintainer for screen is Axel Beckert <abe@debianorg>; Source for screen is src:screen (PTS, buildd, popcon)
Reported by: Axel Beckert <abe@debianorg>
Date: Tue, 24 Jan 2017 21:39:02 UTC
Severity: grave
Ta ...
GNU screen before 451 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions ...