Home > Vulnerability Database > CVE-2012-3368

Mend.io Vulnerability Database

CVE-2012-3368

Date: July 3, 2012

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach.

Severity Score

3.7

Related Resources (10)

Url: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302

Url: https://bugzilla.redhat.com/show_bug.cgi?id=835849

Url: https://security-tracker.debian.org/tracker/CVE-2012-3368

Url: https://bugzilla.redhat.com/show_bug.cgi?id=812551

Url: http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812

Url: http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357

Url: https://nvd.nist.gov/vuln/detail/CVE-2012-3368

Url: https://access.redhat.com/security/cve/CVE-2012-3368

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2012-3368

Url: https://www.mend.io/vulnerability-database/CVE-2012-3368

Severity Score

3.7

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	2.6
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2012-3368

Date: July 3, 2012

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?