Launchpad.net

CVE 2012-3368

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

Related bugs and status

CVE-2012-3368 (Candidate) is related to these bugs:

Bug #1088355: Information disclosure Vulnerability

		In	Importance	Status
1088355	Information disclosure Vulnerability	dtach (Ubuntu)	Undecided	Fix Released
1088355	Information disclosure Vulnerability	dtach (Ubuntu Lucid)	Undecided	Fix Released
1088355	Information disclosure Vulnerability	dtach (Ubuntu Oneiric)	Undecided	Fix Released
1088355	Information disclosure Vulnerability	dtach (Ubuntu Precise)	Undecided	Fix Released
1088355	Information disclosure Vulnerability	dtach (Ubuntu Raring)	Undecided	Fix Released
1088355	Information disclosure Vulnerability	dtach (Ubuntu Quantal)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-3368

Related bugs and status

Related bugs

References