screen User Supplied Format String Vulnerability

To check for the existence of this vulnerability, place the following in your .screenrc:
vbell on
vbell_msg '%x'

Set the term to VT100, and press control-g. If the message printed is a hexadecimal number, and the screen binary is setuid root, the installed copy of screen is vulnerable.
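Why a '%x' message coming back as a hexadecimal number indicates the flaw, shown as an added example (this is not screen's source code and not the expl.c mentioned on this page). The function names are hypothetical, and the constant 0xdeadbeef is a constructed stand-in for whatever the process would have in its registers or on its stack when the conversion is evaluated.

```c
#include <ctype.h>
#include <stdarg.h>
#include <stdio.h>

/* Vulnerable pattern: the configured message is used as the format string.
 * The variadic tail is a constructed stand-in for adjacent process memory. */
static void show_msg_vulnerable(char *out, size_t n, const char *msg, ...)
{
    va_list ap;
    va_start(ap, msg);
    vsnprintf(out, n, msg, ap);      /* msg decides which conversions run */
    va_end(ap);
}

/* Hardened pattern: fixed format string, message passed only as data. */
static void show_msg_fixed(char *out, size_t n, const char *msg)
{
    snprintf(out, n, "%s", msg);
}

/* The check from the text: is the displayed message a hexadecimal number? */
static int is_hex_number(const char *s)
{
    if (*s == '\0')
        return 0;
    for (; *s != '\0'; s++)
        if (!isxdigit((unsigned char)*s))
            return 0;
    return 1;
}

/* Feed the .screenrc test value through one of the two display routines
 * and report whether the conversion was expanded (1) or shown as-is (0). */
static int expands_conversions(int use_fixed)
{
    const char *vbell_msg = "%x";    /* value used in the .screenrc check */
    char shown[64];

    if (use_fixed)
        show_msg_fixed(shown, sizeof shown, vbell_msg);
    else
        show_msg_vulnerable(shown, sizeof shown, vbell_msg, 0xdeadbeefu);
    return is_hex_number(shown);
}

int main(void)
{
    printf("vulnerable pattern expands %%x: %d\n", expands_conversions(0));
    printf("fixed pattern expands %%x:      %d\n", expands_conversions(1));
    return 0;
}
```

With the hardened pattern the bell message is displayed as the literal text %x, which is the result a non-vulnerable build gives for the check above.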

For more information on expl.c, see Bugtraq posts under credit with subject lines "Screen-3.7.6 local compromise" and "screen 3.9.5 vulnerability - further exploit".


 

Copyright 2010, SecurityFocus