Upstream information

CVE-2006-4573 at MITRE

Description

Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 2.6
Vector AV:N/AC:H/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity High
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 214412 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
  • screen >= 4.0.2-41.4
sles9-oes.x86
sles10.s390x
sled10.x86
core9.s390
ZYPP Patch Nr: 2199
SUSE LINUX 10.0
  • screen >= 4.0.2-48.2
SUSE LINUX 10.1
  • screen >= 4.0.2-62.5
SUSE LINUX 9.2
  • screen >= 4.0.2-45.2
SUSE LINUX 9.3
  • screen >= 4.0.2-46.2