Family: Debian Local Security Checks --> Category: infos
[DSA1202] DSA-1202-1 screen Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
"cstone" and Rich Felker discovered that specially crafted UTF-8 sequences
may lead an out of bands memory write when displayed inside the screen
terminal multiplexer, allowing denial of service and potentially the
execution of arbitrary code.
For the stable distribution (sarge) this problem has been fixed in
version 4.0.2-4.1sarge1. Due to technical problems with the security
buildd infrastructure this update lacks a build for the Sun Sparc
architecture. It will be released as soon as the problems are resolved.
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your screen package.
Solution : http://www.debian.org/security/2006/dsa-1202
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.