26 matches found
EUVD-2013-6228
Malware in sbrugna...
EUVD-2005-4881
Malware in sbrugna...
SUSE SLES12 Security Update : screen (SUSE-SU-2025:02186-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:02186-1 advisory. Security issues fixed: - CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY...
Security update for screen
This update for screen fixes the following issues: Security issues fixed: CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking bsc1242269. Other issues fixed: Use TTY file descriptor passing after a suspend MSGCONT...
SUSE-SU-2025:02186-1 Security update for screen
This update for screen fixes the following issues: Security issues fixed: - CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking bsc1242269. Other issues fixed: - Use TTY file descriptor passing after a suspend...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : screen (SUSE-SU-2025:02016-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:02016-1 advisory. Security issues fixed: - CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to...
openSUSE Security Advisory (SUSE-SU-2025:02016-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:02016-1 Security update for screen
This update for screen fixes the following issues: Security issues fixed: - CVE-2025-46802: temporary chmod of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking bsc1242269. Other issues fixed: - Use TTY file descriptor passing after a suspend...
Amazon Linux 2023 : screen (ALAS2023-2025-1006)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1006 advisory. TTY Hijacking while Attaching to a Multiuser Session in the screen package Has potential to break some reattach use cases, but the specific use case was broken already before.screen in Debian not...
Amazon Linux 2 : screen (ALAS-2025-2878)
The version of screen installed on the remote host is prior to 4.1.0-0.27.20120314git3c2946. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2878 advisory. TTY Hijacking while Attaching to a Multiuser Session in the screen package Has potential to break some reattach...
Medium: screen
Issue Overview: TTY Hijacking while Attaching to a Multiuser Session in the screen package Has potential to break some reattach use cases, but the specific use case was broken already before. screen in Debian not installed setuid or setgid DEBIANBUG: 1105191 Info:...
Medium: screen
Issue Overview: TTY Hijacking while Attaching to a Multiuser Session in the screen package Has potential to break some reattach use cases, but the specific use case was broken already before. screen in Debian not installed setuid or setgid DEBIANBUG: 1105191 Info:...
Medium: screen
Issue Overview: TTY Hijacking while Attaching to a Multiuser Session in the screen package Has potential to break some reattach use cases, but the specific use case was broken already before. screen in Debian not installed setuid or setgid DEBIANBUG: 1105191 Info:...
Unspecified Vulnerability in Gnu Screen
Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from a security vulnerability that stems from TTY hijacking, but no details of the vulnerability are available at this time...
GNU Screen 安全漏洞
Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from a security vulnerability that stems from TTY hijacking, but no details of the vulnerability are available at this time...
CVE-2025-46802
creationtimestamp| type| source ---|---|--- 2025-05-12 17:00:00+00:00| seen| https://security.opensuse.org/2025/05/12/screen-security-issues.html3b-tty-hijacking-while-attaching-to-a-multi-user-session-cve-2025-46802 2025-05-13 11:28:49+00:00| seen| https://news.ycombinator.com/item?id=43971716...
CVE-2025-46803
creationtimestamp| type| source ---|---|--- 2025-05-12 17:00:00+00:00| seen| https://security.opensuse.org/2025/05/12/screen-security-issues.html3b-tty-hijacking-while-attaching-to-a-multi-user-session-cve-2025-46802 2025-05-13 16:45:54+00:00| seen| https://t.me/proxybar/2615 2025-05-14...
Linux Distros Unpatched Vulnerability : CVE-2005-4890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via su - user -c program. The user session can be escaped to the parent...
RHEL 4 : coreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - coreutils: tty hijacking possible in su via TIOCSTI ioctl CVE-2005-4890 - coreutils: race condition...
CVE-2005-4890
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process...