CVE-2002-0062

Name of the Vulnerable Software and Affected Versions ncurses version 5.0 ncurses4 compatibility package (affected versions not specified)

Description The issue is related to a buffer overflow in routines for moving the physical cursor and scrolling, allowing local users to gain privileges. Multiple vulnerabilities in the libncurses5 package of Debian GNU/Linux can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by a local attacker.

Recommendations For ncurses version 5.0, update to a version that fixes the buffer overflow issue. For the ncurses4 compatibility package, apply the necessary security patches or updates to prevent exploitation. As a temporary workaround, consider restricting access to the vulnerable package until a patch is available. Avoid using the vulnerable routines for moving the physical cursor and scrolling until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.