9 matches found
CVE-2021-26937
CVE-2021-26937 affects the GNU Screen utility. The vulnerability exists in encoding.c when handling combining characters/UTF-8 sequences, and can enable a remote attacker to cause a denial of service (invalid write access and crash) or, in some advisories, potentially arbitrary code execution. Af...
CVE-2023-24626
CVE-2023-24626 affects GNU Screen up to version 4.9.0. When screen is installed setuid/setgid, local attackers can send a privileged SIGHUP to any PID, causing DoS or disruption. Affected product: GNU Screen (socket.c). Root cause: privileged signal handling via setuid/setgid path. Impact: local ...
CVE-2017-5618
GNU Screen
CVE-2020-9366
GNU Screen before 4.8.0 is vulnerable to a buffer overflow in handling the OSC 49 escape sequence, allowing specially crafted output to corrupt memory and potentially crash Screen or have unspecified impact. Public documents (CVE-2020-9366, GLSA-202003-62) describe the affected version range a...
CVE-2006-4573
CVE-2006-4573 affects the terminal multiplexer “screen” up to version 4.0.3. The root cause is in the utf8_handle_comb function in encoding.c, where certain UTF-8 sequences can cause a denial of service (crash or hang). Multiple connected advisories reference this issue across various distributio...
CVE-2009-1214
CVE-2009-1214 affects GNU screen 4.0.3, which creates the /tmp/screen-exchange temporary file with world-readable permissions, enabling local users to potentially obtain sensitive session information (confidentiality impact: COMPLETE). The issue is local, due to permissive file mode, and is corro...
CVE-2007-3048
Summary: CVE-2007-3048 affects GNU Screen 4.0.3, where local users may unlock the screen by issuing a CTRL-C at the password prompt. The issue has been reported with inconsistent reproducibility across reports. Impact: Local privilege-related concern affecting screen sessions; exploitation appear...
CVE-2003-0972
CVE-2003-0972 affects the GNU screen terminal multiplexer with an integer overflow in the handling of escape sequences (long sequences with semicolons), leading to a buffer overflow. Public advisories (e.g., Debian DSA-408) confirm local privilege escalation by gaining group utmp privileges and l...
CVE-2002-1602
CVE-2002-1602 describes a buffer overflow in the Braille module for GNU Screen 3.9.11 when HAVE_BRAILLE is defined. This vulnerability could allow local users to execute arbitrary code due to the overflow in the Braille support path. The affected component is the Braille module within GNU Screen;...