526 matches found
Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability
No description provided by source. / Remote Exploit for Hafiye-1.0 Terminal Escape Sequence Injection Vulnerability Written by Serkan Akpolat Homepage: http://deicide.siyahsapka.org E-mail: deicide siyahsapka org Greets: Virulent, gorny and all other netricians / include stdio.h include sys/types...
hafiye.txt
+------- Software --------------+ Hafiye 1.0 "POSIX-compliant, customizable TCP/IP packet sniffer." +------- Tested Versions --------------+ Hafiye1.0 Tested on:LinuxHafiye compiled from tarball FreeBSD 4.7 Installed from CD +------- Vulnerability --------------+ Packet Payload Terminal Escape...
RHEL 2.1 : XFree86 (RHSA-2003:065)
Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Enterprise Linux 2.1. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. f...
RHEL 2.1 : rxvt (RHSA-2003:055)
Updated rxvt packages are available which fix a number of vulnerabilities in the handling of escape sequences. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS Rxvt is a color VT102 terminal emulator for the X Window System. A number of issues...
Apache < 1.3.31 / 2.0.49 Log Entry Terminal Escape Sequence Injection
The target is running an Apache web server that allows for the injection of arbitrary escape sequences into its error logs. An attacker might use this vulnerability in an attempt to exploit similar vulnerabilities in terminal emulators. Nessus has determined the vulnerability exists only by looki...
[SECURITY] [DSA-380-1] New xfree86 packages fix multiple vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 380-1 [email protected] http://www.debian.org/security/ Matt Zimmerman September 12th, 2003 http://www.debian.org/security/faq -...
DSA-380 xfree86 - buffer overflows, denial of service
Bulletin has no description...
Moderate: Red Hat Security Advisory: hanterm-xf security update
Updated Hangul Terminal packages fix two security issues. Hangul Terminal is a terminal emulator for the X Window System, based on Xterm. Hangul Terminal provides an escape sequence for reporting the current window title, which essentially takes the current title and places it directly on the...
Important: Red Hat Security Advisory: XFree86 security update
Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Enterprise Linux 2.1. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. f...
Moderate: Red Hat Security Advisory: : : : Updated hanterm packages provide security fixes
Updated hanterm packages fix two security issues. Hangul Terminal is a terminal emulator for the X Window System, based on Xterm. Hangul Terminal provides an escape sequence for reporting the current window title, which essentially takes the current title and places it directly on the command lin...
CVE-2003-0083
CVE-2003-0083 affects Apache 1.3.x (before 1.3.25) and Apache 2.0.x (before 2.0.46). The issue is that terminal escape sequences are not filtered from access logs, enabling insertion of escape sequences into terminal emulators vulnerable to such sequences. This is a separate vulnerability from CV...
DEBIAN-CVE-2003-0069
The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute...
CVE-2003-0069
The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute...
PT-2003-1349 · Simon Tatham · Putty
Name of the Vulnerable Software and Affected Versions: PuTTY version 0.53 Description: The issue allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal. This could happen when the user views a file...
Important: Red Hat Security Advisory: rxvt security update
Updated rxvt packages are available which fix a number of vulnerabilities in the handling of escape sequences. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS Rxvt is a color VT102 terminal emulator for the X Window System. A number of issues...
DEBIAN-CVE-2003-0021
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence...
CVE-2003-0021
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence...
CVE-2003-0063
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the...
CVE-2003-0021
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence...
CVE-2003-0022
The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence...