CVE-2012-3368

Published: Jul 3, 2012Modified: Apr 29, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

Affected (1)

Products: Redhat: Dtach

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Dtach	Version 0.8

Related CWEs

References (10)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302

Source: secalert@redhat.com

http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357

Source: secalert@redhat.com

Exploit

http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=812551

Source: secalert@redhat.com

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=835849

Source: secalert@redhat.com

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=812551

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=835849

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.