gnome-terminal allows arbitrary command execution when viewing files containing crafted escape sequences

ID VU:230561
Type cert
Reporter CERT
Modified 2003-02-27T00:00:00



gnome-terminal may allow a remote attacker to execute arbitrary commands via crafted escape sequences.


gnome-terminal affords users the ability to utilize an escape sequence to "export" the title of the current window title directly to the shell command line. By viewing a maliciously crafted file in gnome-terminal, a victim may unknowingly execute shell commands (provided by the attacker).

This vulnerability was discovered by H D Moore of Digital Defense. H D has provided a paper on this topic (TERMINAL EMULATOR SECURITY ISSUES), and Red Hat has published RHSA-2003:053-10. Both of these documents provide more information about this vulnerability.


A remote attacker may be able to execute arbitrary commands on a vulnerable host.


Apply a patch.

Systems Affected

Vendor| Status| Date Notified| Date Updated
Red Hat Inc.| | -| 27 Feb 2003
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A


  • <>
  • <>


This vulnerability was discovered by H D Moore of Digital Defense . The CERT/CC thanks both H D Moore and Red Hat for providing information upon which this document is based.

This document was written by Ian A Finlay.

Other Information

  • CVE IDs: CAN-2003-0070
  • Date Public: 24 Feb 2003
  • Date First Published: 27 Feb 2003
  • Date Last Updated: 27 Feb 2003
  • Severity Metric: 4.86
  • Document Revision: 5