103 matches found
CVE-2008-1692
CVE-2008-1692 affects several X11 terminal emulators (Eterm 0.9.4; and also aterm, rxvt, rxvt-unicode, wterm, Mrxvt, multi-aterm) used on X displays. The root cause is that Eterm opens a :0 terminal when -display is not provided and DISPLAY is unset, enabling a local attacker to hijack X11 termin...
CVE-2008-1692
Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine...
Debian Security Advisory DSA 496-1 (eterm)
The remote host is missing an update to eterm announced via advisory DSA 496-1. OpenVAS Vulnerability Test $Id: deb4961.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 496-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 976-1 (libast, libast1)
The remote host is missing an update to libast, libast1 announced via advisory DSA 976-1. Johnny Mast discovered a buffer overflow in libast, the library of assorted spiffy things, that can lead to the execution of arbitrary code. This library is used by eterm which is installed setgid uid which...
Debian Security Advisory DSA 309-1 (eterm)
The remote host is missing an update to eterm announced via advisory DSA 309-1. OpenVAS Vulnerability Test $Id: deb3091.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 309-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-496)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 309-1 (eterm)
The remote host is missing an update to eterm announced via advisory DSA 309-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-976-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-976-1 : libast - buffer overflow
Johnny Mast discovered a buffer overflow in libast, the library of assorted spiffy things, that can lead to the execution of arbitrary code. This library is used by eterm which is installed setgid uid which leads to a vulnerability to alter the utmp file. %NASLMINLEVEL 70300 C Tenable Network...
[SECURITY] [DSA 976-1] New libast packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 976-1 [email protected] http://www.debian.org/security/ Martin Schulze February 15th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 976-1] New libast packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 976-1 [email protected] http://www.debian.org/security/ Martin Schulze February 15th, 2006 http://www.debian.org/security/faq -...
DSA-976-1 libast - buffer overflow
Bulletin has no description...
LibAST: Privilege escalation
Background LibAST is a utility library that was originally intended to accompany Eterm, but may be used by various other applications. Description Michael Jennings discovered an exploitable buffer overflow in the configuration engine of LibAST. Impact The vulnerability can be exploited to gain...
LibAST 0.7 Release Fixes Security Vulnerability
I am pleased to announce the release of LibAST 0.7. The release summary is below. Please note that this release contains an important security fix; all users of LibAST are STRONGLY encouraged to update to this latest version immediately. The latest version can be obtained in source, RPM, and SRPM...
Rosiello Security - Eterm-LibAST Advisory
Eterm-LibAST Advisory Rosiello Security http://www.rosiello.org I. BACKGROUND Eterm http://www.eterm.org is a color vt102 terminal emulator intended as an xterm1 replacement. It is designed with a Freedom of Choice philosophy, leaving as much power, flexibility, and freedom as possible in the han...
CVE-2006-0224
Buffer overflow in Library of Assorted Spiffy Things LibAST 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument alternative configuration file name...
DEBIAN-CVE-2006-0224
Buffer overflow in Library of Assorted Spiffy Things LibAST 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument alternative configuration file name...
Buffer overflow
Buffer overflow in Library of Assorted Spiffy Things LibAST 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument alternative configuration file name...
CVE-2006-0224
CVE-2006-0224 describes a local buffer overflow in LibAST (Library of Assorted Spiffy Things) up to version 0.6.1, used by eterm and possibly others, allowing local users to execute arbitrary code as the utmp user via a long -X argument. Multiple connected advisories confirm the same issue and ma...
Eterm LibAST < 0.7 (-X Option) Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits ================================================================= Eterm LibAST 0.7 -X Option Local Privilege Escalation Exploit ================================================================= // eterm by default isn't setuid but there is a l...