[2322] in bugtraq
security vulnerabilities in screen
daemon@ATHENA.MIT.EDU (Stephen E. Hansen)
Wed Nov 1 12:28:48 1995
Date: Mon, 30 Oct 1995 10:15:55 -0800
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: "Stephen E. Hansen" <hansen@NETSERVER.STANFORD.EDU>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
Someone just send me a note asking if I was aware of any security
vulnerabilities in the program "screen" (it uses ptty's for multiple
sessions and session reconnects). He was concerned because it claims
to need to be suid root to function properly. I have a fuzzy memory
of there a security problem report about screen, but it was two or
three years ago and I can't find it in my e-mail archive.
Can any one out there verify that a problem exists or that a patched
version is available?
Thanks,
Stephen Hansen
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Stephen E. Hansen - Computer Security Officer - security@Stanford.EDU
Room 319, Sweet Hall Stanford University, Stanford, CA 94305-3090
Phone: +1-415-723-2911 WWW: http://www.stanford.edu/~security
Fax: +1-415-725-1548 PGP: finger security-pgp@netserver.Stanford.EDU
The church is near, but the road is icy.
The bar is far away, but I will walk carefully. -- Russian Proverb
