CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
84.9%
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline (CVE-2021-33477).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | rxvt-unicode | < 9.26-1 | rxvt-unicode-9.26-1.mga8 |
Mageia | 8 | noarch | mrxvt | < 0.5.4-15.1 | mrxvt-0.5.4-15.1.mga8 |
Mageia | 8 | noarch | eterm | < 0.9.7-3.1 | eterm-0.9.7-3.1.mga8 |
bugs.mageia.org/show_bug.cgi?id=28939
lists.fedoraproject.org/archives/list/[email protected]/thread/6RFMU5YXXNYYVA7G2DAHRXXHO6JKVFUT/
lists.fedoraproject.org/archives/list/[email protected]/thread/UXAKO6N6NKTR6Z6KVAPEXSZQMRU52SGA/
www.debian.org/lts/security/2021/dla-2681
www.debian.org/lts/security/2021/dla-2682
www.openwall.com/lists/oss-security/2021/05/17/1
www.openwall.com/lists/oss-security/2021/05/17/2
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
84.9%