[Xquartz-dev] Xterm vulnerability

Zulli, Louis P zullil at lafayette.edu
Fri Jan 2 11:58:52 PST 2009


We are vulnerable. 


xterm DECRQSS Remote Command Execution Vulnerability 

Bugtraq ID: 	33060 
Class: 	Input Validation Error 
CVE: 	CVE-2008-2383 

Remote: 	Yes 
Local: 	No 
Published: 	Dec 28 2008 12:00AM 
Updated: 	Dec 28 2008 12:00AM 
Credit: 	Paul Szabo 
Vulnerable: 	X.org xterm patch 237 
Not Vulnerable: 	

----- Original Message ----- 
From: "Louis P Zulli" <zullil at lafayette.edu> 
To: "Developer talk about Xquartz" <xquartz-dev at lists.macosforge.org> 
Sent: Friday, January 2, 2009 2:49:37 PM GMT -05:00 US/Canada Eastern 
Subject: Re: [Xquartz-dev] Xterm vulnerability 


Aren't we at #237 already, and thus OK? 


Affected: 
X.org xterm versions prior to patch #237 

----- Original Message ----- 
From: "Jeremy Huddleston" <jeremyhu at berkeley.edu> 
To: "Developer talk about Xquartz" <xquartz-dev at lists.macosforge.org> 
Sent: Friday, January 2, 2009 2:45:44 PM GMT -05:00 US/Canada Eastern 
Subject: Re: [Xquartz-dev] Xterm vulnerability 

Just when I was about to push out 2.3.2 ... 

Thanks, this will be fixed in 2.3.2 with xterm-238 


On Jan 2, 2009, at 11:04, Peter Collinson wrote: 

> Is this being dealt with, or are we all OK anyway? 
> ------------------------------------------------------------------------------------------------- 
> (2) HIGH: xterm Escape Sequence Vulnerability 
> Affected: 
> X.org xterm versions prior to patch #237 
> 
> Description: xterm is the terminal emulator of the X Window System, 
> the standard network-enabled windowing system for Unix and Unix-like 
> platforms. It contains a flaw in its handling of certain escape 
> sequences (sequences of characters that, when read by the terminal, 
> cause it to take action). A specially crafted "DECRQSS Device Control 
> Request Status" escape sequence could trigger this vulnerability, 
> allowing an attacker to execute arbitrary commands with the privileges 
> of the current user. An attacker could exploit this vulnerability by 
> tricking a user into displaying a malicious text file in an xterm 
> window, or sending such characters in a network terminal session 
> (for example, during an SSH or telnet session). Note that this affects 
> the reference implementation of xterm from X.org, and presumably also 
> affects versions of xterm that share that codebase (such as XFree86). 
> 
> Status: Vendor confirmed, updates available. 
> 
> References: 
> Wikipedia Article on the X Window System 
> http://en.wikipedia.org/wiki/X_Window_System 
> Wikipedia Article on Escape Sequences 
> http://en.wikipedia.org/wiki/Escape_sequence 
> X.org Home Page 
> http://www.x.org 
> SecurityFocus BID 
> http://www.securityfocus.com/bid/33060 
> 
> --------------------------------------------------------------------------------------------------- 
> _______________________________________________ 
> Xquartz-dev mailing list 
> Xquartz-dev at lists.macosforge.org 
> http://lists.macosforge.org/mailman/listinfo.cgi/xquartz-dev 



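The advisory quoted above describes the mechanism only in words: xterm answers a DECRQSS request with a reply that is typed back to the shell, and the vulnerable reply reflected attacker-supplied text, so a newline inside the request became a command the shell executed. The following Python is an added example written for this page, not code from xterm, from any of the posters, or from the advisory. It models the terminal side as two functions (one that echoes the request, one that answers only from terminal state), shows what a line-buffered shell would execute in each case, and adds the check a consumer of untrusted text can run before displaying it. The DCS/ST framing and the `1$r` / `0$r` reply prefixes follow the DECRQSS convention; the small table of terminal settings, the sample files and the "shell executes every LF-terminated line" simplification are assumptions made for the example, and the hardened function models the bug class, not xterm's exact patch 238 change.

```python
"""Model of the xterm DECRQSS injection (CVE-2008-2383) described above.

Added example, not xterm's code. The terminal-side functions are a
simplified model of the bug class; sample inputs are constructed here.
"""
import re

ESC = "\x1b"
DCS = ESC + "P"      # Device Control String introducer (7-bit form)
ST = ESC + "\\"      # String Terminator

# Constructed samples: files a victim might `cat` in an xterm window.
BENIGN_TEXT = "release notes\n" + DCS + "$qm" + ST + "\n"   # asks for SGR state
MALICIOUS_TEXT = "release notes\n" + DCS + "$q\ntouch /tmp/owned\n" + ST + "\n"

_DCS_RE = re.compile(r"\x1bP(?P<body>.*?)\x1b\\", re.S)

# Assumed subset of settings a terminal legitimately reports via DECRQSS.
_TERMINAL_STATE = {
    "m": "0m",        # SGR: no attributes set
    "r": "1;24r",     # DECSTBM: scrolling region rows 1..24
    '"q': '0"q',      # DECSCA: character protection off
}


def decrqss_requests(text):
    """Payloads of every DECRQSS request (DCS $ q <payload> ST) in text."""
    return [m.group("body")[2:] for m in _DCS_RE.finditer(text)
            if m.group("body").startswith("$q")]


def has_control_chars(s):
    return any(ord(c) < 0x20 or ord(c) == 0x7f for c in s)


def vulnerable_reply(payload):
    """Unsafe model: the reply reflects the request text verbatim, so a
    newline the attacker placed in the request is delivered to the shell
    exactly as if the user had typed it."""
    return DCS + "1$r" + payload + ST


def hardened_reply(payload):
    """Safe model: the reply is built only from the terminal's own state.
    Malformed or unknown requests get the 'invalid' reply carrying no data,
    so nothing attacker-controlled is ever sent back."""
    if has_control_chars(payload) or payload not in _TERMINAL_STATE:
        return DCS + "0$r" + ST
    return DCS + "1$r" + _TERMINAL_STATE[payload] + ST


def injected_commands(reply):
    """Lines of the reply a line-buffered shell would run as commands:
    every LF-terminated line that is not part of the escape framing."""
    lines = reply.split("\n")[:-1]          # only lines actually ended by LF
    return [line for line in lines if line and ESC not in line]


def scan_untrusted_text(text):
    """Consumer-side check: flag DECRQSS requests whose payload carries
    control characters, the signature of this injection whatever the
    embedded command is."""
    return [p for p in decrqss_requests(text) if has_control_chars(p)]


def strip_dcs(text):
    """Consumer-side mitigation: drop every DCS ... ST sequence before
    showing untrusted text in a terminal."""
    return _DCS_RE.sub("", text)


if __name__ == "__main__":
    for label, text in (("benign", BENIGN_TEXT), ("malicious", MALICIOUS_TEXT)):
        for p in decrqss_requests(text):
            print(label, repr(p),
                  "vulnerable xterm runs:", injected_commands(vulnerable_reply(p)),
                  "hardened xterm runs:", injected_commands(hardened_reply(p)))
        print(label, "flagged:", scan_untrusted_text(text))
```

Run it directly and the malicious sample yields `['touch /tmp/owned']` from the echoing terminal and nothing from the hardened one; the benign SGR query is answered in both cases and flagged by neither. The consumer-side functions are the part worth keeping in a toolbox: before patch 238 landed, stripping DCS sequences from anything untrusted (`cat -v` or an equivalent filter) was the only defence available to a user, and the scanner gives a quick way to triage a suspect file.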