Lucene search
K

811 matches found

OSV
OSV
added 2003/03/03 5:0 a.m.2 views

DEBIAN-CVE-2003-0070

VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin...

6.8CVSS7.5AI score0.02078EPSS
Exploits0References1
NVD
NVD
added 2003/03/03 5:0 a.m.21 views

CVE-2003-0071

The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop...

2.1CVSS6.1AI score0.00452EPSS
Exploits0References9
CERT
CERT
added 2003/02/27 12:0 a.m.38 views

gnome-terminal allows arbitrary command execution when viewing files containing crafted escape sequences

Overview gnome-terminal may allow a remote attacker to execute arbitrary commands via crafted escape sequences. Description gnome-terminal affords users the ability to utilize an escape sequence to "export" the title of the current window title directly to the shell command line. By viewing a...

6.8CVSS7AI score0.02078EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/02/25 12:0 a.m.1097 views

Terminal Emulator Security Issues

TERMINAL EMULATOR SECURITY ISSUES Copyright © 2003 Digital Defense Incorporated All Rights Reserved Table of Contents -- Summary -- Disclaimer -- Escape Sequences -- Remote Exploitation -- Screen Dumping -- Window Title Reporting -- Miscellaneous Issues -- Terminal Defense -- Tested Emulator...

7.5CVSS7.9AI score0.13718EPSS
Exploits7
securityvulns
securityvulns
added 2003/02/25 12:0 a.m.37 views

Multiple terminal emulators problems

By inserting secape sequences into terminal session via log files, e-mail, etc it's possible to force client into performing a set of operation, like sending control command to server, create a file, etc...

3.4AI score
Exploits0References1Affected Software10
Apache Httpd
Apache Httpd
added 2003/02/24 12:0 a.m.48 views

Apache Httpd < 1.3.31 : Error log escape filtering

Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5CVSS1.4AI score0.10872EPSS
Exploits7Affected Software1
Apache Httpd
Apache Httpd
added 2003/02/24 12:0 a.m.49 views

Apache Httpd < 2.0.46 : Filtered escape sequences

Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5CVSS1.7AI score0.17413EPSS
Exploits8Affected Software1
Apache Httpd
Apache Httpd
added 2003/02/24 12:0 a.m.70 views

Apache Httpd < 1.3.26 : Filtered escape sequences

Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5CVSS1.7AI score0.17413EPSS
Exploits8Affected Software1
Apache Httpd
Apache Httpd
added 2003/02/24 12:0 a.m.45 views

Apache Httpd < 2.0.49 : Error log escape filtering

Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5CVSS1.4AI score0.10872EPSS
Exploits7Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.17 views

CVE-1999-1273

Squid Internet Object Cache 1.1.20 allows users to bypass access control lists ACLs by encoding the URL with hexadecimal escape sequences...

6.6AI score0.01306EPSS
Exploits1References2
NVD
NVD
added 1998/02/20 5:0 a.m.9 views

CVE-1999-1273

Squid Internet Object Cache 1.1.20 allows users to bypass access control lists ACLs by encoding the URL with hexadecimal escape sequences...

7.5CVSS0.01306EPSS
Exploits1References2
Rows per page
Query Builder