CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

CVSS v2.0 2.6 LOW

2.6^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:H/Au:N/C:P/I:N/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302
http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357	Exploit
http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812	Patch
https://bugzilla.redhat.com/show_bug.cgi?id=812551	Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=835849

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:dtach:0.8:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-07-03 21:55

Updated : 2024-02-28 12:00

NVD link : CVE-2012-3368

Mitre link : CVE-2012-3368

CVE.ORG link : CVE-2012-3368

JSON object : View

Products Affected

redhat

dtach

CWE

CWE-189

Numeric Errors

{"id": "CVE-2012-3368", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-07-03T21:55:01.567", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302", "source": "secalert@redhat.com"}, {"url": "http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=812551", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=835849", "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach."}, {"lang": "es", "value": "Error de entero sin signo en attach.c en dtach v0.8 permite a atacantes remotos obtener informaci\u00f3n sensible desde el demonio de la pila de memoria en circunstancias oportunas leyendo datos de la aplicaci\u00f3n despu\u00e9s de una petici\u00f3n de cerrado de conexi\u00f3n (connection-close) irregular, como se demostr\u00f3 ejecutando un cliente de IRC en dtach."}], "lastModified": "2012-07-04T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:dtach:0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E0367B7-1BA3-40EE-A670-558E079DFF4E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}