aru Posted March 25, 2003 Report Share Posted March 25, 2003 MandrakeSoft Security Advisory MDKSA-2003:034 : rxvt March 25th, 2003 Updated rxvt packages fix escape sequence insecurities Digital Defense Inc. released a paper detailing insecurities in variousterminal emulators, including rxvt.Many of the features supported bythese programs can be abused when untrusted data is displayed on thescreen.This abuse can be anything from garbage data being displayedto the screen or a system compromise. The released versions of Mandrake GNU/Linux affected are: 8.2 [*] 8.2/PPC [*] 9.0 [*] 9.1 [*] 9.1/PPC [*] Corporate Server 2.1 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:034 Other references are: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0022 http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0066 http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0023 http://marc.theaimsgroup.com/?l=bugtraq&m=...12710031920&w=2 Posted automatically by aru (mdksec2mub v0.0.4) Link to comment Share on other sites More sharing options...
Recommended Posts