CVE-2015-6806

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnu Screen
Vendor: CVE Published:; 28 September 2015

Summary

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value.

References

http://www.openwall.com/lists/oss-security/2015/09/03/11

mailing-listx_refsource_MLIST

http://www.openwall.com/lists/oss-security/2015/09/01/1

mailing-listx_refsource_MLIST

http://git.savannah.gnu.org/cgit/screen.git/commit/?id=b7...

x_refsource_CONFIRM

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 28, 2015
Vulnerability Reserved
Sep 3, 2015