All the vulnerabilites related to michael_jennings - eterm
cve-2003-0068
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/10237 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=104612710031920&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.debian.org/security/2004/dsa-496 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.iss.net/security_center/static/11414.php | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html | mailing-list, x_refsource_VULNWATCH |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10237",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10237"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"name": "MDKSA-2003:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"name": "DSA-496",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-496"
},
{
"name": "terminal-emulator-window-title(11414)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11414.php"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user\u0027s terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10237",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10237"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"name": "MDKSA-2003:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"name": "DSA-496",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-496"
},
{
"name": "terminal-emulator-window-title(11414)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11414.php"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user\u0027s terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10237"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"name": "MDKSA-2003:040",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"name": "DSA-496",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-496"
},
{
"name": "terminal-emulator-window-title(11414)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11414.php"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0068",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-04T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0382
Vulnerability from cvelistv5
Published
2003-06-10 04:00
Modified
2024-08-08 01:50
Severity ?
EPSS score ?
Summary
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2003/dsa-309 | vendor-advisory, x_refsource_DEBIAN | |
| http://marc.info/?l=bugtraq&m=105427580626001&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/7708 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-309",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-309"
},
{
"name": "20030509 BAZARR CODE NINER PINK TEAM GO GO GO",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105427580626001\u0026w=2"
},
{
"name": "7708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7708"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-309",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-309"
},
{
"name": "20030509 BAZARR CODE NINER PINK TEAM GO GO GO",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105427580626001\u0026w=2"
},
{
"name": "7708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7708"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-309",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-309"
},
{
"name": "20030509 BAZARR CODE NINER PINK TEAM GO GO GO",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105427580626001\u0026w=2"
},
{
"name": "7708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7708"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0382",
"datePublished": "2003-06-10T04:00:00",
"dateReserved": "2003-06-09T00:00:00",
"dateUpdated": "2024-08-08T01:50:47.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0367
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/1999/19990218 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990218 Root exploit in eterm",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/1999/19990218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990218 Root exploit in eterm",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/1999/19990218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990218 Root exploit in eterm",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/1999/19990218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0367",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-05-23T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0476
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html | mailing-list | |
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html | mailing-list | |
| http://www.securityfocus.com/bid/1298 | vdb-entry | |
| http://www.openwall.com/lists/oss-security/2024/06/09/1 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2024/06/09/2 | mailing-list |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000601 Re: [rootshell.com] Xterm DoS Attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html"
},
{
"name": "20000601 [rootshell.com] Xterm DoS Attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html"
},
{
"name": "1298",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1298"
},
{
"name": "[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/1"
},
{
"name": "[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:13:15.549161",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000601 Re: [rootshell.com] Xterm DoS Attack",
"tags": [
"mailing-list"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html"
},
{
"name": "20000601 [rootshell.com] Xterm DoS Attack",
"tags": [
"mailing-list"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html"
},
{
"name": "1298",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/1298"
},
{
"name": "[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/1"
},
{
"name": "[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0476",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0021
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:36
Severity ?
EPSS score ?
Summary
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=104612710031920&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.iss.net/security_center/static/11413.php | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html | mailing-list, x_refsource_VULNWATCH | |
| http://www.securityfocus.com/bid/6936 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"name": "MDKSA-2003:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"name": "terminal-emulator-screen-dump(11413)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11413.php"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"name": "6936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6936"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \"screen dump\" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user\u0027s terminal, e.g. when the user views a file containing the malicious sequence."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"name": "MDKSA-2003:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"name": "terminal-emulator-screen-dump(11413)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11413.php"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"name": "6936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6936"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"screen dump\" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user\u0027s terminal, e.g. when the user views a file containing the malicious sequence."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030224 Terminal Emulator Security Issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"name": "MDKSA-2003:040",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"name": "terminal-emulator-screen-dump(11413)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11413.php"
},
{
"name": "20030224 Terminal Emulator Security Issues",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"name": "6936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6936"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0021",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-01-07T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0143
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:42
Severity ?
EPSS score ?
Summary
Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/3868 | vdb-entry, x_refsource_BID | |
| http://online.securityfocus.com/archive/1/251597 | mailing-list, x_refsource_BUGTRAQ | |
| http://online.securityfocus.com/archive/1/250145 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/7896.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:27.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3868"
},
{
"name": "20020121 Re: Eterm SGID utmp Buffer Overflow (Local)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/251597"
},
{
"name": "20020113 Eterm SGID utmp Buffer Overflow (Local)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/250145"
},
{
"name": "eterm-home-bo(7896)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7896.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3868"
},
{
"name": "20020121 Re: Eterm SGID utmp Buffer Overflow (Local)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/251597"
},
{
"name": "20020113 Eterm SGID utmp Buffer Overflow (Local)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/250145"
},
{
"name": "eterm-home-bo(7896)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7896.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3868"
},
{
"name": "20020121 Re: Eterm SGID utmp Buffer Overflow (Local)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/251597"
},
{
"name": "20020113 Eterm SGID utmp Buffer Overflow (Local)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/250145"
},
{
"name": "eterm-home-bo(7896)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7896.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0143",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:42:27.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2003-03-03 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| michael_jennings | eterm | 0.8.10 | |
| michael_jennings | eterm | 0.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B33FE201-759E-4EE4-B19E-A25E6FBD711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD5D189-F36C-4E49-92C0-72C9D72A43BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user\u0027s terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands."
},
{
"lang": "es",
"value": "El emulador de terminal Eterm 0.9.1 y anteriorespermite a atacantes modificar el t\u00edtulo de la ventana mediante cierta secuencia de car\u00e1cter de escape, y a continuaci\u00f3n volver a insertarlo en la l\u00ednea de comandos del terminal del usuario, lo que podr\u00eda permitir al atacante ejecutar comandos arbitrarios."
}
],
"id": "CVE-2003-0068",
"lastModified": "2024-11-20T23:43:52.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-496"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11414.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11414.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10237"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-03 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| michael_jennings | eterm | 0.8.10 | |
| michael_jennings | eterm | 0.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B33FE201-759E-4EE4-B19E-A25E6FBD711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD5D189-F36C-4E49-92C0-72C9D72A43BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"screen dump\" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user\u0027s terminal, e.g. when the user views a file containing the malicious sequence."
},
{
"lang": "es",
"value": "La caracter\u00edstica \"volcado de pantalla\" en Eterm 0.9.1 y anteriores permite a atacantes sobreescribir ficheros arbitrarios mediante una cierta secuencia de escape de caracteres cuando hacen eco en el terminal de un usuario, por ejemplo, cuando el usuario ve un fichero conteniendo la secuencia maliciosa."
}
],
"id": "CVE-2003-0021",
"lastModified": "2024-11-20T23:43:45.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11413.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104612710031920\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11413.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6936"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-06-01 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| michael_jennings | eterm | 0.8.10 | |
| putty | putty | 0.48 | |
| rxvt | rxvt | 2.6.1 | |
| xfree86_project | x11r6 | 3.3.3 | |
| xfree86_project | x11r6 | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B33FE201-759E-4EE4-B19E-A25E6FBD711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1283B462-042C-4857-A700-4179AAE20E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CE4F28-5C30-4A54-8A4B-3FA6B01F1467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F33E5444-E178-4F49-BDA1-DE576D8526EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized."
}
],
"id": "CVE-2000-0476",
"lastModified": "2024-11-20T23:32:35.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-06-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0409.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0420.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/06/09/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1298"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-03-25 05:00
Modified
2024-11-20 23:38
Severity ?
Summary
Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib | 2.0.01.0.0 | |
| enlightenment | imlib | 2.1.0.1 | |
| enlightenment | imlib | 2.1.0.2 | |
| enlightenment | imlib | 2.1.0.3 | |
| enlightenment | imlib | 2.1.0.4 | |
| michael_jennings | eterm | 0.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:2.0.01.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5877B85B-458F-4C73-8412-872E6B83C6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:2.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "898C107A-D618-4F8A-95A4-E4EEC6F3E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:2.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "752737E1-BEB6-43C3-978F-0B84B2CD827F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:2.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E27962-1B1F-45C5-AD0A-6AF65B1AF557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:2.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9079033-62DB-422B-831C-D95BF9D16DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD5D189-F36C-4E49-92C0-72C9D72A43BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable."
},
{
"lang": "es",
"value": "El desbordamiento del buffer en el Eterm de Enlightenment Imlib2 1.0.4 y versiones anteriores permite a usuarios locales la ejecuci\u00f3n de c\u00f3digo arbitrario mediante una variable de entorno HOME de gran longitud."
}
],
"id": "CVE-2002-0143",
"lastModified": "2024-11-20T23:38:24.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-03-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/250145"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/251597"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7896.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/250145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/251597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7896.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3868"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-02-18 05:00
Modified
2024-11-20 23:32
Severity ?
Summary
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/1999/19990218 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/1999/19990218 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| michael_jennings | eterm | 0.8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5961CA-6A25-421C-9856-899A7E442149",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges."
},
{
"lang": "es",
"value": "Vulnerabilidad en eterm 0.8.8 en Devial GNU/Linux permite a un atacante obtener privilegios de root."
}
],
"id": "CVE-2000-0367",
"lastModified": "2024-11-20T23:32:20.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-02-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/1999/19990218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/1999/19990218"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-07-02 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| michael_jennings | eterm | 0.9.1 | |
| michael_jennings | eterm | 0.9.2 | |
| debian | debian_linux | 2.3 | |
| debian | debian_linux | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD5D189-F36C-4E49-92C0-72C9D72A43BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:michael_jennings:eterm:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "046A1B9E-B859-4E18-9AB0-C2B5BDAB01D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Eterm 0.9.2 permite a usuarios locales ganar privilegios mediante una variable de entorno ETERMPATH larga."
}
],
"id": "CVE-2003-0382",
"lastModified": "2024-11-20T23:44:36.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-07-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105427580626001\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-309"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105427580626001\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7708"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}