Mandriva Linux Security Advisory : xterm (MDVSA-2009:005)

high Nessus Plugin ID 36977

Synopsis

The remote Mandriva Linux host is missing a security update.

Description

A vulnerability has been discovered in xterm that can be exploited by malicious people to compromise a user's system. The vulnerability is caused by xterm not properly processing the DECRQSS (Device Control Request Status String) escape sequence. This can be exploited to inject and execute arbitrary shell commands, for example by tricking a user into displaying a malicious text file containing a specially crafted escape sequence via the more command in xterm (CVE-2008-2383).

The updated packages have been patched to prevent this.

Solution

Update the affected xterm package.

Plugin Details

Severity: High

ID: 36977

File Name: mandriva_MDVSA-2009-005.nasl

Version: 1.15

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:xterm, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2008.1, cpe:/o:mandriva:linux:2009.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/11/2009

Reference Information

CVE: CVE-2008-2383

BID: 33060

CWE: 94

MDVSA: 2009:005