LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

eterm, vte: dangerous interception of escape sequences

Package(s):vte, eterm CVE #(s):CAN-2003-0021 CAN-2003-0068 CAN-2003-0070
Created:March 3, 2003 Updated:April 1, 2003
Description: From the advisory: "Many of the features supported by popular terminal emulator software can be abused when un-trusted data is displayed on the screen. The impact of this abuse can range from annoying screen garbage to a complete system compromise. All of the issues below are actually documented features, anyone who takes the time to read over the man pages or source code could use them to carry out an attack."
Alerts:
Mandrake MDKSA-2003:040 2003-04-01
Gentoo 200303-1 2003-03-03
Gentoo 200303-2 2003-03-03
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds