CVE-2007-3048

GNU screen <4.0.3 - Info Disclosure

Title source: llm

Description

GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue

Exploits (2)

github WORKING POC

by gitcollect · cpoc

https://github.com/gitcollect/CVE_Exploits/tree/master/cve-2007-3048

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Rembrandt · textlocallinux

https://www.exploit-db.com/exploits/4028

View Code ZIP pw:eip

References (5)

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063706.html

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063710.html

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063721.html

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063728.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34693

Scores

EPSS 0.0031

EPSS Percentile 53.6%

Classification

Status draft

Affected Products (1)

gnu/screen

Timeline

Published Jun 05, 2007

Tracked Since Feb 18, 2026