gnome-terminal may allow a remote attacker to execute arbitrary commands via crafted escape sequences.
gnome-terminal affords users the ability to utilize an escape sequence to "export" the title of the current window title directly to the shell command line. By viewing a maliciously crafted file in gnome-terminal, a victim may unknowingly execute shell commands (provided by the attacker).
This vulnerability was discovered by H D Moore of Digital Defense. H D has provided a paper on this topic (TERMINAL EMULATOR SECURITY ISSUES), and Red Hat has published RHSA-2003:053-10. Both of these documents provide more information about this vulnerability.
A remote attacker may be able to execute arbitrary commands on a vulnerable host.
Apply a patch.
Vendor| Status| Date Notified| Date Updated
Red Hat Inc.| | -| 27 Feb 2003
If you are a vendor and your product is affected, let us know.
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
This vulnerability was discovered by H D Moore of Digital Defense . The CERT/CC thanks both H D Moore and Red Hat for providing information upon which this document is based.
This document was written by Ian A Finlay.