CVE-2000-0476

Published: 01/06/2000 Updated: 10/06/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

xterm, Eterm, and rxvt allow a malicious user to cause a denial of service by embedding certain escape characters which force the window to be resized.

Vulnerable Product

rxvt rxvt 2.6.1

xfree86 project x11r6 4.0

xfree86 project x11r6 3.3.3

putty putty 0.48

michael jennings eterm 0.8.10

Exploits

source: www.securityfocus.com/bid/1298/info
xterm is a popular X11-based terminal emulator. If VT control-characters are displayed in the xterm, they can be interpreted and used to cause a denial of service attack against the client (and even the host running the client). What makes it possible for remote users to exploit this vulnerability ...

Mailing Lists

On Sun, Jun 09, 2024 at 11:26:33AM -0700, Alan Coopersmith wrote: The above command is missing its backslash. This triggers a crash: printf '\e[4;65535;65535t' and so does this: printf '\e[8;65535;65535t'. The latter is a different escape sequence that accepts the sizes in different units. I hope the fix covers both, but I didn't review nor ...
www.cve.org/CVERecord?id=CVE-2024-37535 states: gitlab.gnome.org/GNOME/vte/-/issues/2786 explains further: -- -Alan Coopersmith- alancoopersmith () oracle com Oracle Solaris Engineering - blogs.oracle.com/solaris ...