CVE-2012-3368

Name of the Vulnerable Software and Affected Versions dtach version 0.8

Description The issue is related to an integer signedness error in the attach.c file of dtach. This error allows remote attackers to obtain sensitive information from the daemon stack memory under certain circumstances. The attack can occur when an improper connection-close request is made, and the attacker reads application data afterwards. An example of this attack is demonstrated by running an IRC client in dtach.

Recommendations For dtach version 0.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.