CVE-2009-1215

Public Date:
2009-01-11
Bugzilla:
492104: CVE-2009-1214 CVE-2009-1215 screen: Unsafe usage of temporary file

The MITRE CVE dictionary describes this issue as:

Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.

Find out more about CVE-2009-1215 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat does not consider this to be a security issue. The checks implemented by screen to protect against race condition attacks on /tmp/screen-exchange file provide sufficient protection for this rarely-used buffer exchange feature. For more details, see https://bugzilla.redhat.com/show_bug.cgi?id=492104

Last Modified

CVE description copyright © 2017, The MITRE Corporation