GNU Screen 4.0.3

CPE Details

GNU Screen 4.0.3
gnu
screen
4.0.3
2007-08-23
19h16 +00:00
2009-04-01
15h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:screen:4.0.3:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

screen

Version

4.0.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-24626 2023-04-08 00h00 +00:00 socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.
6.5
Medium
CVE-2021-26937 2021-02-09 18h35 +00:00 encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
9.8
Critical
CVE-2020-9366 2020-02-24 15h20 +00:00 A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.
9.8
Critical
CVE-2017-5618 2017-03-20 15h00 +00:00 GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
7.8
High
CVE-2009-1214 2009-04-01 08h00 +00:00 GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.
4.9
CVE-2007-3048 2007-06-05 21h00 +00:00 GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue
7.2