Bugtraq mailing list archives

security vulnerabilities in screen

From: hansen () NETSERVER STANFORD EDU (Stephen E. Hansen)
Date: Mon, 30 Oct 1995 10:15:55 -0800


Someone just send me a note asking if I was aware of any security
vulnerabilities in the program "screen" (it uses ptty's for multiple
sessions and session reconnects).  He was concerned because it claims
to need to be suid root to function properly.  I have a fuzzy memory
of there a security problem report about screen, but it was two or
three years ago and I can't find it in my e-mail archive.

Can any one out there verify that a problem exists or that a patched
version is available?

Thanks,
Stephen Hansen

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Stephen E. Hansen - Computer Security Officer - security () Stanford EDU
  Room 319, Sweet Hall Stanford University, Stanford, CA 94305-3090
  Phone: +1-415-723-2911    WWW: http://www.stanford.edu/~security
  Fax:   +1-415-725-1548    PGP: finger security-pgp () netserver Stanford EDU

  The church is near, but the road is icy.
  The bar is far away, but I will walk carefully.  -- Russian Proverb

Current thread:

security vulnerabilities in screen Stephen E. Hansen (Oct 30)
- Re: security vulnerabilities in screen Richard Bellingar (Nov 01)