CVE-2008-2383

HIGH

Description

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html

http://secunia.com/advisories/33318

http://secunia.com/advisories/33388

http://secunia.com/advisories/33397

http://secunia.com/advisories/33418

http://secunia.com/advisories/33419

http://secunia.com/advisories/33568

http://secunia.com/advisories/33820

http://secunia.com/advisories/35074

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254208-1

http://support.apple.com/kb/HT3549

http://www.debian.org/security/2009/dsa-1694

http://www.redhat.com/support/errata/RHSA-2009-0018.html

http://www.redhat.com/support/errata/RHSA-2009-0019.html

http://www.securityfocus.com/bid/33060

http://www.securitytracker.com/id?1021522

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.vupen.com/english/advisories/2009/1297

https://exchange.xforce.ibmcloud.com/vulnerabilities/47655

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9317

https://usn.ubuntu.com/703-1/

https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00072.html

https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00184.html

Details

Source: MITRE

Published: 2009-01-02

Updated: 2018-10-03

Type: CWE-94

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:invisible-island:xterm:_nil_:*:*:*:*:*:*:*

Tenable Plugins

21 plugins total.

| ID     | Name                                                                                                         | Product                  | Family                                  | Severity |
|--------|--------------------------------------------------------------------------------------------------------------|--------------------------|-----------------------------------------|----------|
| 67791  | Oracle Linux 3 / 4 / 5 : xterm (ELSA-2009-0018)                                                              | Nessus                   | Oracle Linux Local Security Checks      | high     |
| 60516  | Scientific Linux Security Update : xterm on SL3.x, SL4.x, SL5.x i386/x86_64                                  | Nessus                   | Scientific Linux Local Security Checks  | high     |
| 41604  | SuSE 10 Security Update : xterm (ZYPP Patch Number 5898)                                                     | Nessus                   | SuSE Local Security Checks              | high     |
| 41274  | SuSE9 Security Update : XFree86 (YOU Patch Number 12344)                                                     | Nessus                   | SuSE Local Security Checks              | high     |
| 40327  | openSUSE Security Update : xterm (xterm-405)                                                                 | Nessus                   | SuSE Local Security Checks              | high     |
| 40160  | openSUSE Security Update : xterm (xterm-405)                                                                 | Nessus                   | SuSE Local Security Checks              | high     |
| 38744  | Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities                                                            | Nessus                   | MacOS X Local Security Checks           | critical |
| 37162  | Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xterm vulnerabilities (USN-703-1)                                 | Nessus                   | Ubuntu Local Security Checks            | high     |
| 36977  | Mandriva Linux Security Advisory : xterm (MDVSA-2009:005)                                                    | Nessus                   | Mandriva Local Security Checks          | high     |
| 35827  | Slackware 12.0 / 12.1 / 12.2 / current : xterm (SSA:2009-069-03)                                             | Nessus                   | Slackware Local Security Checks         | high     |
| 35675  | GLSA-200902-04 : xterm: User-assisted arbitrary commands execution                                           | Nessus                   | Gentoo Local Security Checks            | high     |
| 35391  | Fedora 8 : xterm-238-1.fc8 (2009-0154)                                                                       | Nessus                   | Fedora Local Security Checks            | high     |
| 35388  | Fedora 9 : xterm-238-1.fc9 (2009-0059)                                                                       | Nessus                   | Fedora Local Security Checks            | high     |
| 35369  | openSUSE 10 Security Update : xterm (xterm-5902)                                                             | Nessus                   | SuSE Local Security Checks              | high     |
| 35319  | RHEL 2.1 : hanterm-xf (RHSA-2009:0019)                                                                       | Nessus                   | Red Hat Local Security Checks           | high     |
| 35312  | CentOS 3 / 4 / 5 : xterm (CESA-2009:0018)                                                                    | Nessus                   | CentOS Local Security Checks            | high     |
| 35302  | RHEL 3 / 4 / 5 : xterm (RHSA-2009:0018)                                                                      | Nessus                   | Red Hat Local Security Checks           | high     |
| 35295  | FreeBSD : xterm -- DECRQSS remote command execution vulnerability (d5e1aac8-db0b-11dd-ae30-001cc0377035)     | Nessus                   | FreeBSD Local Security Checks           | high     |
| 35293  | Debian DSA-1694-1 : xterm - design flaw                                                                      | Nessus                   | Debian Local Security Checks            | high     |
| 5023   | Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities                                                              | Nessus Network Monitor   | Generic                                 | critical |
| 800792 | Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities                                                              | Log Correlation Engine   | Operating System Detection              | high     |