5 - DSA-3352

Summary
Title	screen security update

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

A vulnerability was found in screen causing a stack overflow which results in crashing the screen server process, resulting in denial of service.

For the oldstable distribution (wheezy), this problem has been fixed in version 4.1.0~20120320gitdb59704-7+deb7u1.

For the stable distribution (jessie), this problem has been fixed in version 4.2.1-3+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 4.3.1-2.

We recommend that you upgrade your screen packages.

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

Type	Description	Count
Application	Gnu Gnu Screen cpe:2.3:a:gnu:gnu_screen:4.0.3:::::::*	1

Date	Description
2015-09-09	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_98092444564511e59ad814dae9d210b8.nasl - Type : ACT_GATHER_INFO
2015-09-08	Name : The remote Debian host is missing a security update. File : debian_DLA-305.nasl - Type : ACT_GATHER_INFO
2015-09-08	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3352.nasl - Type : ACT_GATHER_INFO

If you want to see full details history, please login or register.

	Related
5	CVE-2015-6806
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)