14 matches found
Updated konsole packages fix security vulnerability
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code...
EUVD-2004-1535
Malware in sbrugna...
Konsole: Code execution
Background Konsole is KDE's terminal emulator. Description Konsole supports loading URLs from the scheme handlers such as telnet://URL. This can be executed regardless of whether the telnet binary is available. It would fallback to bash in that case and execute arbitrary code. Impact Clicking a...
VanDyke SecureCRT Arbitrary Configuration Folder Specification (CVE-2004-1541)
SecureCRT is a popular terminal application which provides support for a number of remote access protocols such as SSH1, SSH2 and Telnet. A vulnerability exists in the way VanDyke SecureCRT handles telnet URLs. Through the use of a telnet URL, SecureCRT can be remotely supplied a parameter which...
Apple Mac OS X终端调整窗口大小整数溢出漏洞
BUGTRAQ ID: 35182 CVECAN ID: CVE-2009-1717 Mac OS X是苹果家族机器所使用的操作系统。 在处理CSI4 xterm调整窗口大小转义代码中,如果对x, y大小设置了很低的负数值,就可能触发整数溢出。攻击者可以通过诱骗用户使用Terminal连接到远程系统(如打开telnet: URL)来利用这个漏洞,导致拒绝服务或执行任意指令。 Apple Mac OS X 10.5.x Apple MacOS X Server 10.5.x 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Hyper Access多个远程安全漏洞
yperACCESS是HyperTerminal的官方升级,可为用户提供终端通讯解决方案。 HyperAccess中存在两个安全漏洞: 通过打开.HAW文件执行命令 HyperAccess将会话保存为.haw文件,可通过注册表中设置的editflags未经用户交互便打开这些扩展名: HKEYCLASSESROOT\HAWin32\EditFlags. 如果Internet Explorer用户浏览了包含有.HAW的站点,就会强制执行自动下载并由所安装的HyperAccess打开并解析文件。 通过Telnet URL协议执行命令 HyperAccess可通过将以下注册表项:...
HyperAccess - Multiple Vulnerabilities
Not long now... ======================================================================== = Hyper Access - Multiple Vulnerabilities = = Vendor Website: = http://www.hilgraeve.com = = Affected Software: = Hyper Access 8.4 and possibly lower = = Public disclosure on Thursday December 14, 2006...
CVE-2004-1541
SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share...
CVE-2004-1541
SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share...
Fedora Core 2 : kdelibs-3.2.2-6 (2004-122)
iDEFENSE identified a vulnerability in the Opera Web Browser that could allow remote attackers to create or truncate arbitrary files. The KDE team has found that a similar vulnerability exists in KDE. A flaw in the telnet URL handler can allow options to be passed to the telnet program which can ...
CVE-2000-0892
CVE-2000-0892 describes a vulnerability where some telnet clients may disclose environment variables to remote telnet servers or via telnet: URLs, due to RFC 1572 (NEW-ENVIRON). The underlying issue is the ability of a server to request environment variables before authentication, potentially exp...
Security Bulletin (MS00-079)
Microsoft Security Bulletin MS00-079 - - -------------------------------------- Patch Available for "HyperTerminal Buffer Overflow" Vulnerability Originally posted: October 18, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the HyperTerminal...
Уязвимость в Microsoft/Hilgraeve Hyperterminal
Некорректная обработка длинной URL telnet:// приводит к переполнению буфера...
adv_telnet1.txt
/\ /\ /\ \ \ / //\ /:\ /\ /\ /\ \ \ \ | / / : / . \ . | | . \ \ / . \ / : \ / . . \ \ . | / \ | / / \ / \ . | | . \ /. \ : : //\ / \ / \ \ | / | / / / / / / / / / ---------------------------------------------------Meliksah Ozoral E-mail...