CVE-2009-1215

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnu Screen
Vendor: CVE Published:; 1 April 2009

Summary

Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.

References

https://bugzilla.redhat.com/show_bug.cgi?id=492104

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2009/03/25/7

mailing-listx_refsource_MLIST

https://bugs.launchpad.net/ubuntu/+source/screen/+bug/315993

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 1, 2009
Vulnerability Reserved
Mar 31, 2009