1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA200800171

xterm DECRQSS Escape Sequence Vulnerability

Report ID: SA200800171
Source: Secunia
Date of Discovery: 31.12.2008
Criticality: Moderate
Affects:
xterm
Compromise From: From remote
Compromise Type: System access

Summary

A vulnerability has been discovered in xterm, which can be exploited by malicious people to compromise a user's system.

Detailed Description

The vulnerability is caused due to xterm not properly processing the DECRQSS Device Control Request Status String escape sequence. This can be exploited to inject and execute arbitrary shell commands by e.g. tricking a user into displaying a malicious text file containing a specially crafted escape sequence via the "more" command in xterm.

The vulnerability is confirmed in xterm patch #237. Other versions may also be affected.

Solution

Do not process untrusted files in xterm.