[Xquartz-dev] Xterm vulnerability

Peter Collinson pc at hillside.co.uk
Fri Jan 2 11:04:45 PST 2009

Is this being dealt with, or are we all OK anyway?
(2) HIGH: xterm Escape Sequence Vulnerability
X.org xterm versions prior to patch #237

Description: xterm is the terminal emulator of the X Window System,
the standard network-enabled windowing system for Unix and Unix-like
platforms. It contains a flaw in its handling of certain escape
sequences (sequences of characters that, when read by the terminal,
cause it to take action). A specially crafted "DECRQSS Device Control
Request Status" escape sequence could trigger this vulnerability,
allowing an attacker to execute arbitrary commands with the privileges
of the current user. An attacker could exploit this vulnerability by
tricking a user into displaying a malicious text file in an xterm
window, or sending such characters in a network terminal session
(for example, during an SSH or telnet session). Note that this affects
the reference implementation of xterm from X.org, and presumably also
affects versions of xterm that share that codebase (such as XFree86).

Status: Vendor confirmed, updates available.

Wikipedia Article on the X Window System
Wikipedia Article on Escape Sequences
X.org Home Page
SecurityFocus BID


More information about the Xquartz-dev mailing list