FreeBSD : screen -- combined UTF-8 characters vulnerability (b318dc8c-6756-11db-83c3-000c6ec775d9)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A vulnerability in the handling of combined UTF-8 characters in screen
may allow an user-assisted attacker to crash screen or potentially
allow code execution as the user running screen. To exploit this issue
the user running scren must in some way interact with the attacker.

See also :

http://lists.gnu.org/archive/html/screen-users/2006-10/msg00028.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212056
http://www.nessus.org/u?1d2e5cab

Solution :

Update the affected package.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 1.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 22925 (freebsd_pkg_b318dc8c675611db83c3000c6ec775d9.nasl)

Bugtraq ID: 20727

CVE ID: CVE-2006-4573

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now