CLSA-2026-1777030519 xterm: Fix of CVE-2022-45063

CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - add NULL pointer checks in xstrcasecmp and xstrncasecmp to help with error recovery for a missing font...

CLSA-2022-1669238963 xterm: Fix of CVE-2022-45063

CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in xstrcasecmp and xstrncasecmp to help with error recovery for a missing font...

TP-Link TL-SG108E XSS / Weak Access Control

Overview ------------- Three vulnerabilities have been discovered in the TP-Link TL-SG108E, firmware 1.0.0 Build 20160722 Rel.50167: CVE-2017-17745 - Cross Site Scripting XSS in systemnameset.cgi, sysName parameter CVE-2017-17746 - Weak access control for user authentication CVE-2017-17747 - Weak...

[SECURITY] Fedora 25 Update: picocom-2.2-2.fc25

As its name suggests, picocom is a minimal dumb-terminal emulation program. It is, in principle, very much like minicom, only it's "pico" instead of "mini"! It was designed to serve as a simple, manual, modem configuration, testing, and debugging tool. It has also served quite well as a low-tech...

CVE-2016-2204

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input...

Input validation

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input...

CVE-2016-2204

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input...

CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager ldm 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KPRETURN keybinding, which launches a terminal window...

CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager ldm 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KPRETURN keybinding, which launches a terminal window...

[SECURITY] Fedora 18 Update: nodejs-ansi-0.2.0-1.fc18

ansi.js is a module for Node.js that provides an easy-to-use API for writing ANSI escape codes to Stream instances. ANSI escape codes are used to do fan cy things in a terminal window, like render text in colors, delete characters, lines, the entire window, or hide and show the cursor, and lots...

Scientific Linux Security Update : bash on SL5.x i386/x86_64

Bash is the default shell for Scientific Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary fil...

CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager ldm 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KPRETURN keybinding, which launches a terminal window...

CentOS 5 : bash (CESA-2011:1073)

An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

CVE-2008-1692

Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine...

CVE-2008-1692

CVE-2008-1692 affects several X11 terminal emulators (Eterm 0.9.4; and also aterm, rxvt, rxvt-unicode, wterm, Mrxvt, multi-aterm) used on X displays. The root cause is that Eterm opens a :0 terminal when -display is not provided and DISPLAY is unset, enabling a local attacker to hijack X11 termin...

CVE-2008-1142

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that th...

Code injection

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that th...

CVE-2008-1142

CVE-2008-1142 affects rxvt and related terminals (rxvt-unicode, mrxvt, aterm, multi-aterm, wterm) where opening a terminal on :0 if DISPLAY is not set enables local users to hijack X11 connections. This is caused by improper handling of DISPLAY during initialization. Public updates exist (e.g., r...

CVE-2008-1142

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that th...

Tips: using Ubuntu to crack WEP-key-vulnerability warning-the black bar safety net

See this article, anyone can install and run Linux, and crack the WEP key. I've spent the whole two days, and read a lot of information before they make this thing, now out and share. I'm not a Linux expert. All you need is a wireless card old notebook and a Ubuntu Linux copy, which is currently...