[16661] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

'screen' exploit errata: RHSA-2000:058-03

daemon@ATHENA.MIT.EDU (Dunnavant Crutcher)
Fri Sep 8 12:09:35 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <39B7F3AA.32A4DC07@redhat.com>
Date:         Thu, 7 Sep 2000 15:59:38 -0400
Reply-To: crutcher@REDHAT.COM
From: Dunnavant Crutcher <crutcher@REDHAT.COM>
X-To:         redhat-watch-list@redhat.com
To: BUGTRAQ@SECURITYFOCUS.COM

Screen allows the user to overload the visual bell with a text message
that
can be set by the user. This text message is handled as a format string,
instead of as a pure string, so maliciously written format strings are
allowed to overwrite the stack. Since screen in Red Hat Linux 5.2 and
earlier releases was setuid root, this security hole could be exploited
to
gain a root shell.

We are pushing an errata on this, that distributes a fixed RPM,
screen-3.7.4-4
The Errata Number is RHSA-2000:058-03
--
"I may be a monkey,     Crutcher Dunnavant
 but I'm a monkey       <crutcher@redhat.com>
 with ambition!"        Red Hat OS Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16661] in bugtraq

'screen' exploit errata: RHSA-2000:058-03

daemon@ATHENA.MIT.EDU (Dunnavant Crutcher)Fri Sep 8 12:09:35 2000

daemon@ATHENA.MIT.EDU (Dunnavant Crutcher)
Fri Sep 8 12:09:35 2000