
MeeGo alert MeeGo-SA-10:25 (vte)

From:  "Ware, Ryan R" <ryan.r.ware@intel.com>
To:  "meego-security@meego.com" <meego-security@meego.com>
Subject:  [MeeGo-security] [MeeGo-SA-10:25.vte] vte Improperly Handles Escape Sequences
Date:  Tue, 18 Jan 2011 20:53:40 -0700
Message-ID:  <0D71B548-8EE4-4AB1-876E-009BA6A17E9E@intel.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
MeeGo-SA-10:25.vte                                          Security Advisory
                                                                MeeGo Project

Topic:          vte Improperly Handles Escape Sequences

Category:       Term
Module:         vte
Announced:      September 3, 2010
Affects:        MeeGo 1.0
Corrected:      September 3, 2010
MeeGo BID:      5089
CVE:            CVE-2010-2713

For general information regarding MeeGo Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://www.MeeGo.com/>.

I.   Background

VTE is a terminal emulator widget for use with GTK+ 2.0.

II.  Problem Description

CVE-2010-2713: The vte_sequence_handler_window_manipulation function in
vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in
gnome-terminal, does not properly handle escape sequences, which allows
remote attackers to execute arbitrary commands or obtain potentially
sensitive information via a (1) window title or (2) icon title sequence.
NOTE: this issue exists because of a CVE-2003-0070 regression.

CVSS v2 Base: 6.8 (MEDIUM)
Access Vector: Network exploitable; Victim must voluntarily interact with
attack mechanism

III. Impact

CVE-2010-2713: Unauthorized disclosure of information, modification or
disruption of service

IV.  Workaround

None

V.   Solution

Update to package vte-0.24.3-3.2 or later.

VI.  References

http://bugs.meego.com/show_bug.cgi?id=5089
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-...
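A defensive check for the kind of input this advisory concerns, added here as an example that is not part of the advisory or of VTE's or MeeGo's code: it scans untrusted text (a log file, for instance) for title-setting and window-manipulation escape sequences and makes control characters visible before the text is shown in a terminal. The function names and the sample are constructed, and the sequence numbering is an assumption taken from xterm's control-sequence conventions, not from the advisory.

```python
import re

# OSC 0/1/2 set the icon name and/or window title; ended by BEL or ST (ESC \).
OSC_TITLE = re.compile(r"\x1b\]([012]);([^\x07\x1b]*)(?:\x07|\x1b\\)")
# CSI ... t is xterm-style window manipulation; first parameter 20 or 21
# asks the terminal to report the icon label or window title.
CSI_WINOP = re.compile(r"\x1b\[([0-9;]*)t")

OSC_KINDS = {"0": "set-icon-and-title", "1": "set-icon-title",
             "2": "set-window-title"}
CSI_KINDS = {"20": "report-icon-title", "21": "report-window-title"}


def find_title_sequences(text):
    """Return sorted (offset, kind, detail) tuples for 7-bit sequences found."""
    hits = []
    for m in OSC_TITLE.finditer(text):
        hits.append((m.start(), OSC_KINDS[m.group(1)], m.group(2)))
    for m in CSI_WINOP.finditer(text):
        first = m.group(1).split(";")[0]
        hits.append((m.start(), CSI_KINDS.get(first, "window-manipulation"),
                     m.group(1)))
    return sorted(hits)


def neutralize(text):
    """Render control characters visibly so a terminal never interprets them."""
    out = []
    for ch in text:
        code = ord(ch)
        if ch in "\n\t":
            out.append(ch)                      # keep ordinary layout
        elif code < 0x20 or code == 0x7F:
            out.append("^" + chr(code ^ 0x40))  # ESC -> ^[, BEL -> ^G
        elif 0x80 <= code <= 0x9F:
            out.append("\\x%02x" % code)        # 8-bit C1 controls
        else:
            out.append(ch)
    return "".join(out)


# Constructed sample: a log with a title-set and a title-report sequence.
SAMPLE = ("GET /index.html 200\n"
          "\x1b]2;constructed-title\x07\x1b[21t\n"
          "GET /a 404\n")

if __name__ == "__main__":
    for offset, kind, detail in find_title_sequences(SAMPLE):
        print(offset, kind, repr(detail))
    print(neutralize(SAMPLE), end="")
```

The scanner matches only the 7-bit ESC forms; `neutralize` also covers the 8-bit C1 range, so display through it is safe even when the scanner reports nothing.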



Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds