CVE-2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

🔗 References (10)

• secalert@redhathttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302
• secalert@redhathttp://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357
• secalert@redhathttp://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812
• secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=812551
• secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=835849
• af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302
• af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357
• af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812
• af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=812551
• af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=835849