1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




xterm DECRQSS Escape Sequence Vulnerability

Report ID: SA200800171
Source: Secunia
Date of Discovery: 31.12.2008
Criticality: Moderate
Affects:
xterm

Compromise From: From remote
Compromise Type: System access

Summary

A vulnerability has been discovered in xterm, which can be exploited by malicious people to compromise a user's system.

Detailed Description

The vulnerability is caused due to xterm not properly processing the DECRQSS Device Control Request Status String escape sequence. This can be exploited to inject and execute arbitrary shell commands by e.g. tricking a user into displaying a malicious text file containing a specially crafted escape sequence via the "more" command in xterm.

The vulnerability is confirmed in xterm patch #237. Other versions may also be affected.

Solution

Do not process untrusted files in xterm.

Original Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030