Lucene search
HistoryDec 15, 2003 - 5:00 a.m.
CVE-2003-0972
cve-2003-0972
ansi
buffer overflow
gnu screen
integer signedness error
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.5%
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of “;” (semicolon) characters in escape sequences, which leads to a buffer overflow.
Affected configurations
Node
gnuscreenMatch3.9.4
ORgnuscreenMatch3.9.8
ORgnuscreenMatch3.9.9
ORgnuscreenMatch3.9.10
ORgnuscreenMatch3.9.11
ORgnuscreenMatch3.9.13
ORgnuscreenMatch3.9.15
ORgnuscreenMatch4.0.1
Related
nessus
nessus
Mandrake Linux Security Advisory : screen (MDKSA-2003:113)
2004-07-31 00:00:00
Debian DSA-408-1 : screen - integer overflow
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 408-1 (screen)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-408)
2008-01-17 00:00:00
osv
osv
screen - integer overflow
2004-01-05 00:00:00
cvelist
cvelist
CVE-2003-0972
2003-12-02 05:00:00
debiancve
debiancve
CVE-2003-0972
2003-12-15 05:00:00
debian
debian
[SECURITY] [DSA 408-1] New screen packages fix group utmp exploit
2004-01-05 14:27:11
[SECURITY] [DSA 408-1] New screen packages fix group utmp exploit
2004-01-05 14:27:11
ubuntucve
ubuntucve
CVE-2003-0972
2003-12-15 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 408-1] New screen packages fix group utmp exploit
2004-01-06 00:00:00
nvd
nvd
CVE-2003-0972
2003-12-15 05:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.5%
Related for CVE-2003-0972