Denial of Service Risk in GNU Screen by GNU
CVE-2015-6806

Currently unrated

Key Information:

Vendor
Gnu
Vendor
CVE Published:
28 September 2015

Summary

The MScrollV function in GNU Screen versions 4.3.1 and earlier is prone to a vulnerability that allows remote attackers to trigger a denial of service condition through excessive recursion. By sending an escape sequence with a significantly large repeat count, the function does not adequately restrict recursion levels, potentially leading to stack exhaustion and subsequent crashes or unresponsiveness of the affected application.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.