CVE-2007-3048 – Screen 4.0.3 (OpenBSD) - Local Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-3048
** DISPUTED ** GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue.
• https://www.exploit-db.com/exploits/4028
• http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063706.html
• http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063710.html
• http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063721.html
• http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063728.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/34693
CVE-2006-4573
https://notcve.org/view.php?id=CVE-2006-4573
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allow user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.
• http://docs.info.apple.com/article.html?artnum=305530
• http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
• http://lists.gnu.org/archive/html/screen-users/2006-10/msg00028.html
• http://secunia.com/advisories/22573
• http://secunia.com/advisories/22583
• http://secunia.com/advisories/22611
• http://secunia.com/advisories/22647
• http://secunia.com/advisories/22649
• http://secunia.com/advisories/22707
• http://secunia.com/advisories/22726
• http://secunia.com/advisories/2
CVE-2003-0972
https://notcve.org/view.php?id=CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
• http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000809
• http://groups.yahoo.com/group/gnu-screen/message/3118
• http://marc.info/?l=bugtraq&m=106995837813873&w=2
• http://secunia.com/advisories/10539
• http://www.debian.org/security/2004/dsa-408
• http://www.mandriva.com/security/advisories?name=MDKSA-2003:113
CVE-2002-1602 – GNU Screen 3.9.x Braille Module - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1602
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.
• https://www.exploit-db.com/exploits/21414
• http://www.kb.cert.org/vuls/id/524227
• http://www.securityfocus.com/archive/1/268998
• http://www.securityfocus.com/bid/4578
• https://exchange.xforce.ibmcloud.com/vulnerabilities/8929