Executive Summary
Summary | |
---|---|
Title | Sun Alert 254208 A Security Vulnerability in the xterm(1) program Delivered With OpenSolaris Involving the Parsing of Device Control Request Status String (DECRQSS) Sequences May Lead to Execution of Arbitrary Code |
Informations | |||
---|---|---|---|
Name | SUN-254208 | First vendor Publication | 2009-03-05 |
Vendor | Sun | Last vendor Modification | 2009-03-05 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: OpenSolaris A security vulnerability in the xterm(1) program delivered with OpenSolaris related to the interpretation of certain Device Control Request Status String (DECRQSS) sequences may allow unprivileged local or remote users to execute arbitrary code with the privileges of the user running xterm(1). This issue is described in the following document: CVE-2008-2383 at http://www.security-database.com/detail.php?cve=CVE-2008-2383 State: Resolved First released: 05-Mar-2009 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_254208_a_security |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13513 | |||
Oval ID: | oval:org.mitre.oval:def:13513 | ||
Title: | USN-703-1 -- xterm vulnerability | ||
Description: | Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-703-1 CVE-2006-7236 CVE-2008-2382 CVE-2008-2383 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | xterm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13620 | |||
Oval ID: | oval:org.mitre.oval:def:13620 | ||
Title: | DSA-1694-2 xterm -- design flaw | ||
Description: | The xterm update in DSA-1694-1 disabled font changing as a precaution. However, users reported that they need this feature. The update in this DSA makes font shifting through escape sequences configurable, using a new allowFontOps X resource, and unconditionally enables font changing through keyboard sequences. For the stable distribution, this problem has been fixed in version 222-1etch4. For the testing distribution, this problem has been fixed in version 235-2. For the unstable distribution, this problem has been fixed in version 238-2. We recommend that you upgrade your xterm package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1694-2 CVE-2008-2383 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xterm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13638 | |||
Oval ID: | oval:org.mitre.oval:def:13638 | ||
Title: | DSA-1694-1 xterm -- design flaw | ||
Description: | Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences. As an additional precaution, this security update also disables font changing, user-defined keys, and X property changes through escape sequences. For the stable distribution, this problem has been fixed in version 222-1etch3. For the unstable distribution, this problem will be fixed soon. We recommend that you upgrade your xterm package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1694-1 CVE-2008-2383 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xterm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22551 | |||
Oval ID: | oval:org.mitre.oval:def:22551 | ||
Title: | ELSA-2009:0018: xterm security update (Important) | ||
Description: | CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0018-01 CVE-2008-2383 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xterm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29143 | |||
Oval ID: | oval:org.mitre.oval:def:29143 | ||
Title: | RHSA-2009:0018 -- xterm security update (Important) | ||
Description: | An updated xterm package to correct a security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The xterm program is a terminal emulator for the X Window System. A flaw was found in the xterm handling of Device Control Request Status String (DECRQSS) escape sequences. An attacker could create a malicious text file (or log entry, if unfiltered) that could run arbitrary commands if read by a victim inside an xterm window. (CVE-2008-2383) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0018 CESA-2009:0018-CentOS 3 CESA-2009:0018-CentOS 5 CVE-2008-2383 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 3 CentOS Linux 5 | Product(s): | xterm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7900 | |||
Oval ID: | oval:org.mitre.oval:def:7900 | ||
Title: | DSA-1694 xterm -- design flaw | ||
Description: | Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences (CVE-2008-2383). As an additional precaution, this security update also disables font changing, user-defined keys, and X property changes through escape sequences. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1694 CVE-2008-2383 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xterm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9317 | |||
Oval ID: | oval:org.mitre.oval:def:9317 | ||
Title: | CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071. | ||
Description: | CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2383 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for hanterm-xf CESA-2009:0019-01 centos2 i386 File : nvt/gb_CESA-2009_0019-01_hanterm-xf_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for xterm CESA-2009:0018 centos3 i386 File : nvt/gb_CESA-2009_0018_xterm_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for xterm-192-8.el4 CESA-2009:0018 centos4 i386 File : nvt/gb_CESA-2009_0018_xterm-192-8.el4__centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for xterm-215-5.el5 CESA-2009:0018 centos5 i386 File : nvt/gb_CESA-2009_0018_xterm-215-5.el5__centos5_i386.nasl |
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for xterm File : nvt/sles10_xterm.nasl |
2009-10-10 | Name : SLES9: Security update for XFree86 File : nvt/sles9p5041641.nasl |
2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
2009-06-05 | Name : Ubuntu USN-698-3 (nagios2) File : nvt/ubuntu_698_3.nasl |
2009-02-13 | Name : Gentoo Security Advisory GLSA 200902-04 (xterm) File : nvt/glsa_200902_04.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0019-01 (hanterm-xf) File : nvt/ovcesa2009_0019_01.nasl |
2009-02-02 | Name : SuSE Security Summary SUSE-SR:2009:003 File : nvt/suse_sr_2009_003.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:002 File : nvt/suse_sr_2009_002.nasl |
2009-01-13 | Name : Mandrake Security Advisory MDVSA-2009:005 (xterm) File : nvt/mdksa_2009_005.nasl |
2009-01-13 | Name : CentOS Security Advisory CESA-2009:0018 (xterm) File : nvt/ovcesa2009_0018.nasl |
2009-01-07 | Name : FreeBSD Ports: xterm File : nvt/freebsd_xterm.nasl |
2009-01-07 | Name : Fedora Core 8 FEDORA-2009-0154 (xterm) File : nvt/fcore_2009_0154.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2009:0018 File : nvt/RHSA_2009_0018.nasl |
2009-01-07 | Name : Fedora Core 10 FEDORA-2009-0091 (xterm) File : nvt/fcore_2009_0091.nasl |
2009-01-07 | Name : Fedora Core 9 FEDORA-2009-0059 (xterm) File : nvt/fcore_2009_0059.nasl |
2009-01-07 | Name : Debian Security Advisory DSA 1694-2 (xterm) File : nvt/deb_1694_2.nasl |
2009-01-07 | Name : Debian Security Advisory DSA 1694-1 (xterm) File : nvt/deb_1694_1.nasl |
2009-01-07 | Name : Ubuntu USN-702-1 (samba) File : nvt/ubuntu_702_1.nasl |
2009-01-07 | Name : Ubuntu USN-703-1 (xterm) File : nvt/ubuntu_703_1.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2009:0019 File : nvt/RHSA_2009_0019.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-069-03 xterm File : nvt/esoft_slk_ssa_2009_069_03.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
51142 | xterm DECRQSS Escape Sequence LF Character Handling CRLF Injection |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-0018.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090107_xterm_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xterm-5898.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12344.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_xterm-090108.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_xterm-090108.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-703-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2009-005.nasl - Type : ACT_GATHER_INFO |
2009-03-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-069-03.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200902-04.nasl - Type : ACT_GATHER_INFO |
2009-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0154.nasl - Type : ACT_GATHER_INFO |
2009-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0059.nasl - Type : ACT_GATHER_INFO |
2009-01-14 | Name : The remote openSUSE host is missing a security update. File : suse_xterm-5902.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0019.nasl - Type : ACT_GATHER_INFO |
2009-01-08 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-0018.nasl - Type : ACT_GATHER_INFO |
2009-01-07 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0018.nasl - Type : ACT_GATHER_INFO |
2009-01-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d5e1aac8db0b11ddae30001cc0377035.nasl - Type : ACT_GATHER_INFO |
2009-01-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1694.nasl - Type : ACT_GATHER_INFO |