2164 matches found

CERT
added 2003/02/27 12:0 a.m. · 34 views

gnome-terminal allows arbitrary command execution when viewing files containing crafted escape sequences

Overview: gnome-terminal may allow a remote attacker to execute arbitrary commands via crafted escape sequences. Description: gnome-terminal affords users the ability to utilize an escape sequence to "export" the title of the current window title directly to the shell command line. By viewing a...

6.8 CVSS · 7 AI score · 0.02078 EPSS
Exploits 0 · References 2

securityvulns
added 2003/02/25 12:0 a.m. · 33 views

Multiple terminal emulators problems

By inserting escape sequences into a terminal session via log files, e-mail, etc., it is possible to force the client to perform a set of operations, such as sending a control command to the server, creating a file, etc...

3.4 AI score
Exploits 0 · References 1 · Affected Software 10

securityvulns
added 2003/02/25 12:0 a.m. · 1091 views

Terminal Emulator Security Issues

TERMINAL EMULATOR SECURITY ISSUES Copyright © 2003 Digital Defense Incorporated All Rights Reserved Table of Contents -- Summary -- Disclaimer -- Escape Sequences -- Remote Exploitation -- Screen Dumping -- Window Title Reporting -- Miscellaneous Issues -- Terminal Defense -- Tested Emulator...

7.5 CVSS · 7.9 AI score · 0.13718 EPSS
Exploits 7

Apache Httpd
added 2003/02/24 12:0 a.m. · 38 views

Apache Httpd < 2.0.49 : Error log escape filtering

Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5 CVSS · 1.4 AI score · 0.10872 EPSS
Exploits 7 · Affected Software 1

Apache Httpd
added 2003/02/24 12:0 a.m. · 44 views

Apache Httpd < 1.3.31 : Error log escape filtering

Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5 CVSS · 1.4 AI score · 0.10872 EPSS
Exploits 7 · Affected Software 1

Apache Httpd
added 2003/02/24 12:0 a.m. · 36 views

Apache Httpd < 2.0.46 : Filtered escape sequences

Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5 CVSS · 1.7 AI score · 0.17413 EPSS
Exploits 8 · Affected Software 1

Apache Httpd
added 2003/02/24 12:0 a.m. · 44 views

Apache Httpd < 1.3.26 : Filtered escape sequences

Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5 CVSS · 1.7 AI score · 0.17413 EPSS
Exploits 8 · Affected Software 1

OSV
added 2002/12/18 5:0 a.m. · 2 views

DEBIAN-CVE-2002-1344

Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences...

5 CVSS · 7 AI score · 0.04249 EPSS
Exploits 0 · References 1

Positive Technologies
added 2002/08/31 12:0 a.m. · 2 views

PT-2002-2004 · Care 2002 · Care 2002

Name of the Vulnerable Software and Affected Versions: CARE 2002 versions prior to beta 1.0.02. Description: The issue allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter, which is processed by a call to the include function...

5 CVSS · 6.8 AI score · 0.02276 EPSS
Exploits 1 · References 5

securityvulns
added 2002/07/02 12:0 a.m. · 31 views

Source code leakage in JRun

By adding some sequences to a request, it is possible to obtain JSP source code...

1.1 AI score
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2002/06/11 4:0 a.m. · 23 views

CVE-2002-0448

Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many "C:/" sequences...

6.7 AI score · 0.14913 EPSS
Exploits 1 · References 4

Exploit DB
added 2002/04/07 12:0 a.m. · 130 views

Abyss Web Server 1.0 - File Disclosure

source: https://www.securityfocus.com/bid/4466/info Abyss Web Server is a freely available personal web server. It is maintained by Aprelium Technologies and runs on Microsoft Windows operating systems, as well as Linux. It is possible for a remote attacker to disclose the contents of arbitrary...

7 AI score
Exploits 0

CVE
added 2002/03/15 5:0 a.m. · 61 views

CVE-2001-1217

CVE-2001-1217 describes a directory traversal vulnerability in the PL/SQL Apache module (mod_plsql/mod_plsql) of Oracle 9i Application Server. The issue allows remote attackers to read sensitive files outside the web server’s root by crafting a request with double URL encoded sequences (..). Affe...

5 CVSS · 8.7 AI score · 0.54383 EPSS
Exploits 0 · References 5 · Affected Software 1

Cvelist
added 2002/03/09 5:0 a.m. · 15 views

CVE-2001-0982

Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings...

6.6 AI score · 0.023 EPSS
Exploits 0 · References 6

securityvulns
added 2001/09/27 12:0 a.m. · 42 views

IP address check bypass in OpenSSH (protection bypass)

With a particular sequence of keys in the configuration file, individual configuration options for access with a given key are not applied...

0.7 AI score
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2001/09/12 4:0 a.m. · 14 views

CVE-1999-1273

Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences...

6.6 AI score · 0.01306 EPSS
Exploits 1 · References 2

CVE
added 2001/08/29 4:0 a.m. · 54 views

CVE-2001-0642

The CVE-2001-0642 entry describes a directory traversal vulnerability in IncrediMail up to version 1400185 and earlier. By injecting leading “..” sequences into filenames listed in the content.ini file, local users could overwrite files on the local disk. The root cause is improper verification o...

2.1 CVSS · 6.7 AI score · 0.00491 EPSS
Exploits 1 · References 2 · Affected Software 1

exploitpack
added 2000/05/14 12:0 a.m. · 9 views

Microsoft IIS 4.05.0 - FTP Denial of Service (MS01-026)

Microsoft IIS 4.05.0 - FTP Denial of Service MS01-026 source: https://www.securityfocus.com/bid/2717/info Due to a flaw in the pattern-matching function used by FTP commands, denial of service attacks can be successfully launched. If a user submits an FTP command along with a filename containing...

7.3 AI score
Exploits 0

Exploit DB
added 2000/05/14 12:0 a.m. · 38 views

Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026)

source: https://www.securityfocus.com/bid/2717/info Due to a flaw in the pattern-matching function used by FTP commands, denial of service attacks can be successfully launched. If a user submits an FTP command along with a filename containing specially placed wildcard sequences, the...

7.4 AI score
Exploits 0

Exploit DB
added 2000/01/13 12:0 a.m. · 29 views

Nosque Workshop MsgCore 1.9 - Denial of Service

source: https://www.securityfocus.com/bid/930/info There is a denial of service condition in Nosque Workshop's MsgCore SMTP server. The problem lies in memory used to store server input not being deallocated and eventually exhausted, causing the target NT host to freeze requiring a reboot. If a...

7.4 AI score
Exploits 0