CVE-2007-3048

GNU screen <4.0.3 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-3048. PoCs published by Rembrandt, gitcollect.

AI-analyzed exploit summary This is a writeup describing a local authentication bypass vulnerability in screen <= 4.0.3, where the screen lock mechanism can be bypassed using 'ctrl-c'. The issue is related to terminal locking and may involve PAM or other third-party authentication mechanisms.

Description

GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue

Exploits (2)

exploitdb WRITEUP VERIFIED
by Rembrandt · textlocallinux
https://www.exploit-db.com/exploits/4028

This is a writeup describing a local authentication bypass vulnerability in screen <= 4.0.3, where the screen lock mechanism can be bypassed using 'ctrl-c'. The issue is related to terminal locking and may involve PAM or other third-party authentication mechanisms.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: screen <= 4.0.3
No auth needed
Prerequisites: physical access to the terminal · screen session already running
devstral-2 · analyzed Feb 16, 2026 Full analysis →
github WORKING POC
by gitcollect · cpoc
https://github.com/gitcollect/CVE_Exploits/tree/master/cve-2007-3048

This script exploits CVE-2007-3048, a vulnerability in GNU Screen that allows local users to bypass password protection by leveraging a race condition during session detachment. The PoC demonstrates how to regain access to a locked screen session without authentication.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: GNU Screen (versions prior to 4.0.3)
No auth needed
Prerequisites: local access to the target system · a locked screen session
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063721.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34693
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063706.html
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063710.html
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063728.html

Scores

EPSS 0.0071
EPSS Percentile 48.4%

Details

Status published
Products (1)
gnu/screen 4.0.3
Published Jun 05, 2007
Tracked Since Feb 18, 2026