New User, Welcome!     Login

terminal emulator

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection

--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--

We would like to punctuate the following facts:

1) We totally agree that the root of the problem is an unwise design in
the terminal emulators. If in 70' controls were sent out of band on a
secondary channel we would not have the equivalent of Blue Boxing in the
terminal.

This is a known issue from years. We didn't invented this attack vector
and never claimed so. We don't think that design changes will happen in

[ MDVSA-2010:017 ] ruby

 WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through
 patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev
 writes data to a log file without sanitizing non-printable characters,
 which might allow remote attackers to modify a window's title,
 or possibly execute arbitrary commands or overwrite files, via an
 HTTP request containing an escape sequence for a terminal emulator
 (CVE-2009-4492).
 
 Packages for 2008.0 are provided for Corporate Desktop 2008.0
 customers.

[ GLSA 200902-04 ] xterm: User-assisted arbitrary commands execution

arbitrary commands execution.

Background
==========

xterm is a terminal emulator for the X Window system.

Affected packages
=================

    -------------------------------------------------------------------

Jetty 6.x and 7.x Multiple Vulnerabilities

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020
[2] Apache does not filter terminal escape sequences from access logs
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0083
[3] Debian GNU/Linux XTERM (DECRQSS/comments) Weakness Vulnerability
    http://www.milw0rm.com/exploits/7681
[4] Terminal Emulator Security Issues
    http://marc.info/?l=bugtraq&m=104612710031920&w=2
[5] Eterm Screen Dump Escape Sequence Local File Corruption Vulnerability
    http://www.securityfocus.com/bid/6936/discuss
[6] RXVT Screen Dump Escape Sequence Local File Corruption Vulnerability
    http://www.securityfocus.com/bid/6938/discuss

[SECURITY] [DSA 1694-1] New xterm packages fix remote code execution

Problem type   : local (remote)
Debian-specific: no
CVE Id(s)      : CVE-2008-2383
Debian Bug     : 510030

Paul Szabo discovered that xterm, a terminal emulator for the X Window
System, places arbitrary characters into the input buffer when
displaying certain crafted escape sequences (CVE-2008-2383).

As an additional precaution, this security update also disables font
changing, user-defined keys, and X property changes through escape


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!