Lucene search

K
debianDebianDEBIAN:DSA-3352-1:A8CC1
HistorySep 04, 2015 - 8:45 a.m.

[SECURITY] [DSA 3352-1] screen security update

2015-09-0408:45:05
lists.debian.org
16

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.1

Confidence

Low

EPSS

0.061

Percentile

93.6%


Debian Security Advisory DSA-3352-1 [email protected]
https://www.debian.org/security/ Laszlo Boszormenyi (GCS)
September 04, 2015 https://www.debian.org/security/faq


Package : screen
CVE ID : CVE-2015-6806
Debian Bug : 797624

A vulnerability was found in screen causing a stack overflow which
results in crashing the screen server process, resulting in denial
of service.

For the oldstable distribution (wheezy), this problem has been fixed
in version 4.1.0~20120320gitdb59704-7+deb7u1.

For the stable distribution (jessie), this problem has been fixed in
version 4.2.1-3+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem
has been fixed in version 4.3.1-2.

We recommend that you upgrade your screen packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.1

Confidence

Low

EPSS

0.061

Percentile

93.6%