Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2006-7236

Publish Date: 29 Dec 2008

                source: http://www.securityfocus.com/bid/33060/info

The 'xterm' program is prone to a remote command-execution vulnerability because it fails to sufficiently validate user input.

Successfully exploiting this issue would allow an attacker to execute arbitrary commands on an affected computer in the context of the affected application.

The issue affects xterm with patch 237; other versions may also be affected.

The following example is available:

perl -e 'print "\eP\$q\nwhoami\n\e\\"' &gt; bla.log
cat bla.log

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

xterm - DECRQSS Remote Command Execution

Vulmon Search

About

Products

Connect