CVE-2012-3368 Information

Description

Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request as demonstrated by running an IRC client in dtach.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625302 http://sourceforge.net/tracker/?func=detail&aid=3517812&group_id=36489&atid=417357 http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812 https://bugzilla.redhat.com/show_bug.cgi?id=812551 https://bugzilla.redhat.com/show_bug.cgi?id=835849