CVE-2003-0972
CVSS10.0
发布时间 :2003-12-15 00:00:00
修订时间 :2016-10-17 22:38:38
NMCOS    

[原文]Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.


[CNNVD]GNU Screen转义序列缓冲区溢出漏洞(CNNVD-200312-037)

        
        Screen是一款免费开放源代码的终端管理软件,由Free Software Foundation分发和维护,可使用在多种Unix和Linux操作系统下。
        Screen不正确处理转义序列字符,本地或者远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,精心构建提交数据可能以进程权限在系统上执行任意指令。
        问题存在于ansi.c代码中:
        ansi.c:
         case '0': case '1': case '2': case '3': case '4':
         case '5': case '6': case '7': case '8': case '9':
         if (curr->w_NumArgs < MAXARGS)
         {
         if (curr->w_args[curr->w_NumArgs] < 100000000)
         curr->w_args[curr->w_NumArgs] =
         10 * curr->w_args[curr->w_NumArgs] + (c - '0');
         }
         break;
         case ';':
         case ':':
         curr->w_NumArgs++;
         break;
        w_NumArgs是一个符号整数,在转义字符中发送2GB';'字符,会引起内部变量变为负值,这样就使能成功绕过< MAXARGS的保护检查,而后续的采用此负值的操作可导致破坏内存信息,可能以进程权限在系统上执行任意指令。
        由于转义序列可源自使用SSH,telnet,或其他网络工具的远程网络会话,因此此漏洞也可能被远程利用。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:gnu:screen:3.9.10GNU screen 3.9.10
cpe:/a:gnu:screen:3.9.9GNU screen 3.9.9
cpe:/a:gnu:screen:3.9.8GNU screen 3.9.8
cpe:/a:gnu:screen:3.9.13GNU GNU screen 3.9.13
cpe:/a:gnu:screen:3.9.11GNU screen 3.9.11
cpe:/a:gnu:screen:3.9.4GNU screen 3.9.4
cpe:/a:gnu:screen:4.0.1GNU GNU screen 4.0.1
cpe:/a:gnu:screen:3.9.15GNU GNU screen 3.9.15

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0972
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0972
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200312-037
(官方数据源) CNNVD

- 其它链接及资源

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000809
(UNKNOWN)  CONECTIVA  CLA-2004:809
http://groups.yahoo.com/group/gnu-screen/message/3118
(UNKNOWN)  CONFIRM  http://groups.yahoo.com/group/gnu-screen/message/3118
http://marc.info/?l=bugtraq&m=106995837813873&w=2
(UNKNOWN)  BUGTRAQ  20031127 GNU screen buffer overflow
http://www.debian.org/security/2004/dsa-408
(VENDOR_ADVISORY)  DEBIAN  DSA-408
http://www.mandriva.com/security/advisories?name=MDKSA-2003:113
(UNKNOWN)  MANDRAKE  MDKSA-2003:113

- 漏洞信息

GNU Screen转义序列缓冲区溢出漏洞
危急 边界条件错误
2003-12-15 00:00:00 2005-10-20 00:00:00
远程※本地  
        
        Screen是一款免费开放源代码的终端管理软件,由Free Software Foundation分发和维护,可使用在多种Unix和Linux操作系统下。
        Screen不正确处理转义序列字符,本地或者远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,精心构建提交数据可能以进程权限在系统上执行任意指令。
        问题存在于ansi.c代码中:
        ansi.c:
         case '0': case '1': case '2': case '3': case '4':
         case '5': case '6': case '7': case '8': case '9':
         if (curr->w_NumArgs < MAXARGS)
         {
         if (curr->w_args[curr->w_NumArgs] < 100000000)
         curr->w_args[curr->w_NumArgs] =
         10 * curr->w_args[curr->w_NumArgs] + (c - '0');
         }
         break;
         case ';':
         case ':':
         curr->w_NumArgs++;
         break;
        w_NumArgs是一个符号整数,在转义字符中发送2GB';'字符,会引起内部变量变为负值,这样就使能成功绕过< MAXARGS的保护检查,而后续的采用此负值的操作可导致破坏内存信息,可能以进程权限在系统上执行任意指令。
        由于转义序列可源自使用SSH,telnet,或其他网络工具的远程网络会话,因此此漏洞也可能被远程利用。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 第三方补丁下载:
        --- ansi.c.old 2003-11-15 18:04:12.000000000 +0200
        +++ ansi.c 2003-11-15 18:04:51.000000000 +0200
        @@ -559,7 +559,7 @@
        {
        case '0': case '1': case '2': case '3': case '4':
        case '5': case '6': case '7': case '8': case '9':
        - if (curr->w_NumArgs < MAXARGS)
        + if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
        {
        if (curr->w_args[curr->w_NumArgs] < 100000000)
        curr->w_args[curr->w_NumArgs] =
        厂商补丁:
        GNU
        ---
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.gnu.org

- 漏洞信息

2874
GNU Screen Local Overflow Privilege Escalation
Input Manipulation
Loss of Integrity

- 漏洞描述

A local overflow exists in GNU Screen. The w_NumArgs signed integer in ansi.c can be overflowed when the "< MAXARGS" protection fails to sanitize the input resulting in an integer overflow. With a specially crafted exploit, a local attacker can gain setgid-utmp or setuid-root privileges.

- 时间线

2003-11-26 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GNU Screen Escape Sequence Integer Overflow Array Indexing Vulnerability
Boundary Condition Error 9117
Yes Yes
2003-11-27 12:00:00 2009-07-12 12:56:00
Discovery of this issue is credited to Timo Sirainen <tss@iki.fi>.

- 受影响的程序版本

GNU screen 4.0.1
GNU screen 3.9.15
+ Mandriva Linux Mandrake 9.2
GNU screen 3.9.13
+ Conectiva Linux 9.0
+ Conectiva Linux Enterprise Edition 1.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
GNU screen 3.9.11
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux graficas
- Conectiva Linux ecommerce
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- FreeBSD FreeBSD 4.5 -STABLE
- FreeBSD FreeBSD 4.5 -RELEASE
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4 -STABLE
- FreeBSD FreeBSD 4.4 -RELENG
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3 -STABLE
- FreeBSD FreeBSD 4.3 -RELENG
- FreeBSD FreeBSD 4.3 -RELEASE
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.20
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
- Mandriva Linux Mandrake 8.2
- Mandriva Linux Mandrake 8.1 ia64
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- NetBSD NetBSD 1.5
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
- OpenBSD OpenBSD 3.0
- RedHat Linux 7.2 ia64
- RedHat Linux 7.2 i386
- RedHat Linux 7.2 alpha
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 i386
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 i386
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 i386
- S.u.S.E. Linux 6.4 alpha
- Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86
- Sun Solaris 2.6
GNU screen 3.9.10
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
+ Conectiva Linux 8.0
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux graficas
- Conectiva Linux ecommerce
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- FreeBSD FreeBSD 4.5 -STABLE
- FreeBSD FreeBSD 4.5 -RELEASE
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4 -STABLE
- FreeBSD FreeBSD 4.4 -RELENG
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3 -STABLE
- FreeBSD FreeBSD 4.3 -RELENG
- FreeBSD FreeBSD 4.3 -RELEASE
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.20
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.2
- Mandriva Linux Mandrake 8.1 ia64
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- NetBSD NetBSD 1.5
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
- OpenBSD OpenBSD 3.0
- RedHat Linux 7.2 ia64
- RedHat Linux 7.2 i386
- RedHat Linux 7.2 alpha
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 i386
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 i386
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 i386
- S.u.S.E. Linux 6.4 alpha
+ SCO OpenLinux Server 3.1.1
+ SCO OpenLinux Workstation 3.1.1
- Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86
- Sun Solaris 2.6
GNU screen 3.9.9
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux graficas
- Conectiva Linux ecommerce
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- FreeBSD FreeBSD 4.5 -STABLE
- FreeBSD FreeBSD 4.5 -RELEASE
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4 -STABLE
- FreeBSD FreeBSD 4.4 -RELENG
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3 -STABLE
- FreeBSD FreeBSD 4.3 -RELENG
- FreeBSD FreeBSD 4.3 -RELEASE
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.20
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.2
- Mandriva Linux Mandrake 8.1 ia64
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- NetBSD NetBSD 1.5
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
- OpenBSD OpenBSD 3.0
- RedHat Linux 7.2 ia64
- RedHat Linux 7.2 i386
- RedHat Linux 7.2 alpha
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 i386
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 i386
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 i386
- S.u.S.E. Linux 6.4 alpha
- Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86
- Sun Solaris 2.6
GNU screen 3.9.8
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux graficas
- Conectiva Linux ecommerce
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- FreeBSD FreeBSD 4.5 -STABLE
- FreeBSD FreeBSD 4.5 -RELEASE
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4 -STABLE
- FreeBSD FreeBSD 4.4 -RELENG
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3 -STABLE
- FreeBSD FreeBSD 4.3 -RELENG
- FreeBSD FreeBSD 4.3 -RELEASE
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.20
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.2
- Mandriva Linux Mandrake 8.1 ia64
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- NetBSD NetBSD 1.5
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
- OpenBSD OpenBSD 3.0
- RedHat Linux 7.2 ia64
- RedHat Linux 7.2 i386
- RedHat Linux 7.2 alpha
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 i386
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 i386
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 i386
- S.u.S.E. Linux 6.4 alpha
- Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86
- Sun Solaris 2.6
GNU screen 3.9.4
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Conectiva Linux graficas
- Conectiva Linux ecommerce
- Debian Linux 2.2 sparc
- Debian Linux 2.2 powerpc
- Debian Linux 2.2 IA-32
- Debian Linux 2.2 arm
- Debian Linux 2.2 alpha
- Debian Linux 2.2 68k
- FreeBSD FreeBSD 4.5 -STABLE
- FreeBSD FreeBSD 4.5 -RELEASE
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4 -STABLE
- FreeBSD FreeBSD 4.4 -RELENG
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3 -STABLE
- FreeBSD FreeBSD 4.3 -RELENG
- FreeBSD FreeBSD 4.3 -RELEASE
- FreeBSD FreeBSD 4.3
- HP HP-UX 11.20
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- Mandriva Linux Mandrake 8.2
- Mandriva Linux Mandrake 8.1 ia64
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- NetBSD NetBSD 1.5.2
- NetBSD NetBSD 1.5.1
- NetBSD NetBSD 1.5
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
- OpenBSD OpenBSD 3.0
- RedHat Linux 7.2 ia64
- RedHat Linux 7.2 i386
- RedHat Linux 7.2 alpha
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 i386
- RedHat Linux 7.0 sparc
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0 sparc
- S.u.S.E. Linux 7.0 ppc
- S.u.S.E. Linux 7.0 i386
- S.u.S.E. Linux 7.0 alpha
- S.u.S.E. Linux 6.4 ppc
- S.u.S.E. Linux 6.4 i386
- S.u.S.E. Linux 6.4 alpha
- Slackware Linux 8.0
- Slackware Linux 7.1
- Sun Solaris 8_x86
- Sun Solaris 8_sparc
- Sun Solaris 7.0_x86
- Sun Solaris 7.0
- Sun Solaris 2.6_x86
- Sun Solaris 2.6

- 漏洞讨论

GNU Screen is prone to a signed integer overflow vulnerability that may be triggered by including 2-gigabytes or more of semi-colons (;) or colones (:) in an escape sequence. This will cause an internal variable to wrap to a negative value, causing a size check to succeed when it should have failed. Further operations using this negative value may potentially cause memory to be corrupted with attacker-controlled data, potentially allowing for code execution.

This issue could be exploited locally to gain elevated privileges or in some cases remote exploitation may also be possible (though unlikely due to the amount of data required) since escape sequences could originate from a remote network session using SSH, telnet or another network client. Screen is usually installed with setgid utmp or setuid root permissions.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

SCO have released an advisory (CSSA-2004-011.0) and fixes to address this issue in OpenLinux 3.1.1 Server and Workstation. Please see referenced advisory for additional details regarding obtaining and applying appropriate fixes. Fixes are linked below.

OpenPKG has released a security advisory OpenPKG-SA-2003.050 to address this issue. Please see the referenced advisory for detailed information about obtaining fixes.

Mandrake has released an advisory and fixes to address this issue.

Debian has released security advisory DSA 408-1 to address this issue.

Conectiva has released security advisory CLSA-2004:805 to address this issue in CLEE 1.0. Conectiva also released advisory CLA-2004:809 for Conectiva Linux 8 and 9.


GNU screen 3.9.10

GNU screen 3.9.11

GNU screen 3.9.13

GNU screen 3.9.15

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站