Hi folks, today I found around the corner a huge XTerm code injection.
DECRQSS Device Control Request Status String “DCS $ q” simply echoes
(responds with) invalid commands.
Exploitability is the same as for the “window title reporting” issue
in DSA-380: include the DCS string in an email message to the victim,
or arrange to have it in syslog to be viewed by root.
So for example:
perl -e ‘print “\eP\$q\netstat\n\e\\”‘ > bla.log
cat bla.log ; would run the “netstat” command.
3 thoughts on “ Huge XTERM vulnerability. ”
Can anyone recommend the best Remote Desktop tool for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central managed services software
? What is your best take in cost vs performance among those three? I need a good advice please… Thanks in advance!
Thank you to read my blog !
Thanks a lot for publishing this vulnerability Marco, I just removed xterm and installed xfce-terminal, instead to safely cat.