[16564] in bugtraq
Re: screen 3.9.5 root vulnerability
daemon@ATHENA.MIT.EDU (Signal 11)
Tue Sep 5 02:17:32 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <NEBBKPCNALMEJENIHFBIGEGKCAAA.signal11@mediaone.net>
Date: Mon, 4 Sep 2000 19:33:32 -0500
Reply-To: Signal 11 <signal11@MEDIAONE.NET>
From: Signal 11 <signal11@MEDIAONE.NET>
X-To: =?iso-8859-1?Q?Jouko_Pynn=F6nen?= <jouko@SOLUTIONS.FI>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.10.10009050126090.10855-100000@shell.solutions.fi>
> Red Hat Linux 6.0 and later, most other Linux distributions
Mandrake 7.0 (air) is not vulnerable. Redhat 5.2 is also not
vulnerable (not setuid), as a quick shell into my firewall
noted. I am running 3.07.06 on the aforementioned 5.2 box,
and screen was installed from one of the redhat-provided
RPMs.
It would help for those of us looking into the packages listings
of the various distributions if you provided the earliest
version of screen which has the fix.
~ Signal 11
