Bugtraq mailing list archives
Re: GNU screen buffer overflow
From: Mariusz Woloszyn <emsi () ipartners pl>
Date: Mon, 1 Dec 2003 12:41:16 +0100 (CET)
On Thu, 27 Nov 2003, Timo Sirainen wrote:
Buffer overflow in GNU screen allows privilege escalation for local users. Usually screen is installed either setgid-utmp or setuid-root.
With devpts and libutempter it is possible to install fully functional screen without suid/sgid. -- Mariusz Wołoszyn Internet Security Specialist, GTS - Internet Partners
Current thread:
- Re: GNU screen buffer overflow Mariusz Woloszyn (Dec 01)
- Re: GNU screen buffer overflow Kyle Sallee (Dec 03)
- Re: GNU screen buffer overflow Pavel Kankovsky (Dec 03)
- Re: GNU screen buffer overflow Casper Dik (Dec 03)
- Re: GNU screen buffer overflow Pavel Kankovsky (Dec 03)
- Re: GNU screen buffer overflow Kyle Sallee (Dec 03)