screen User Supplied Format String Vulnerability

Various format string vulnerabilities exist in versions 3.9.5 and prior of 'screen' that may allow local users to elevate their privileges. If screen is setuid root, it is possible to alter the contents of the variable which stores the user id.


 

Privacy Statement
Copyright 2010, SecurityFocus