Search criteria
6 vulnerabilities found for rxvt-unicode by rxvt-unicode
FKIE_CVE-2008-1142
Vulnerability from fkie_nvd - Published: 2008-04-07 17:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aterm:aterm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "906079C8-6164-4E15-A171-759A9C2D33CB",
"versionEndIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFE971D-9704-411B-89EC-2BE46D7E4930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65887C4E-3B44-4AA6-919B-88D987C440E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07EF6773-1416-444A-9CCB-00459BBF30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB4F3E9-B8C3-4DBB-8686-AEB36D0D7A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A9CDB7D2-1EB3-4E08-BFEC-572720079B9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A65ADF9D-8591-4046-809E-090B13098E62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06C17CD8-84FA-4A07-A5B3-C3D3CFD701DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6E8374-C6AF-4BF0-8F08-1DFB788FB1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "438FCC6C-14F7-4E09-A83D-CB09A4C087F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "65DE72EB-BCB3-44D7-84B8-25C098D79ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7237B6AB-CA2C-4F4E-812F-5A5B466E946A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48413ADC-4E8B-4030-919F-06DDB10FEB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDB25A3-56B5-4C4C-83CA-8CAB21E03371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:1.00:beta1:*:*:*:*:*:*",
"matchCriteriaId": "0EB2756B-E373-475A-AC3F-0D4357BB7410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:1.00:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6814E277-848C-4B8B-83A7-7E72B0EBC906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:1.00:beta3:*:*:*:*:*:*",
"matchCriteriaId": "E13A6D13-157C-4A9C-9D79-D4C3418A3867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aterm:aterm:1.00:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5CE84A43-27D4-41AB-BFD0-3986137E2748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterm:eterm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2367DBAD-54A6-4ADA-83A1-F7DBC3813500",
"versionEndIncluding": "0.9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterm:eterm:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF3630F-CE7F-4A04-8094-1E692D32DF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mrxvt:mrxvt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEA3F78-F92B-45E2-9406-FDB58FA43021",
"versionEndIncluding": "0.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mrxvt:mrxvt:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1645E2-E752-4D1B-887D-61A54E165C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:multi-aterm:multi-aterm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60168674-59D0-42E9-AF75-59E1D67C392D",
"versionEndIncluding": "0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36C575E5-6D9B-48A1-A756-304D8EC480C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B4F027-019B-4C38-BD32-FDC6CF6F27F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "019BA414-15C4-46F5-830F-1EC910C65B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE85183-4BD5-45CA-9723-4EE635D61EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:multi-aterm:multi-aterm:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "51D5D44E-8936-4B6D-8A83-839F3A0FBE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB2370B-7366-4291-B602-26342194094C",
"versionEndIncluding": "2.7.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CE4F28-5C30-4A54-8A4B-3FA6B01F1467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA71D83-EA61-4B68-9D71-40E660C8E9E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB750075-F614-40BA-B26D-CA3826A1B865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "31FE05CF-F5F3-4F11-853A-36D4A4CA8FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16BC9337-A01B-402D-A9A0-AAE0B49355BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ED803842-E280-4998-BD7C-CF8048304FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "779E9DE5-58AC-4441-8925-3ADC1E042A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt:rxvt:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "287104DA-18C9-400C-B23C-CD569E5F11C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02EDF05C-DE07-4C0C-878B-76DD7CFE0C28",
"versionEndIncluding": "9.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB9BC7D-3ABE-4262-A705-DAA17A527257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E86C5E10-4E22-4E5C-A2E5-575D291301BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA17952-574A-48C3-BC45-B7B8242D89CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "765462C7-1EE5-43BE-AD1E-4FEB74C486F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "499B59D2-8535-4A07-B221-AA26EAACAB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8504-8CF7-4AB4-A437-8D15D623EE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF5A78E-1CA2-47C3-AF35-0F4024F8C57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FB280BBD-663C-4F72-86F6-D67B65F14D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEF3E4C-0014-4062-BD27-11649D6DC022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE654A2-DC0C-4764-92E9-45B1890ED9A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:1.91:*:*:*:*:*:*:*",
"matchCriteriaId": "263D8B7E-046C-4C68-8FE0-6FE56DCC6140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54383B98-264B-4C5C-9E0F-F06CFC200827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "550ED2B1-0273-407A-B9E2-8B219ECF5F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC2A517-FFFF-4266-A900-36F09D2A0B1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01B30E8A-FD5B-473D-AEDD-96CB8533CE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "898BFA6D-1874-4DC0-8A23-196011EA6AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "542D823A-6321-4EC8-B580-27AC0FABA07D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A78B12DC-F538-48B8-9097-A5B6E35190BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "13E67E56-F415-46E5-A147-19B18EC0CB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1263E928-4629-4627-9C48-3BEF8EA6A8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8A8C74-F783-4460-95B0-0F70DAAF1214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60169CC8-A154-4250-BCE1-BCF05EDDE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD73D1-AEDE-4775-A242-B37078088577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BE74E8-AAE2-45B0-A27B-425130E94BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C76CAB9D-C5E5-452C-9C0B-E5415AB650F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81F5C9D0-F4B4-448D-930C-17B037C4AE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "830E5352-49B6-4941-91C2-03FF48AE6654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7B3932-0C64-4F0D-9C27-31F823958FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8C6532-DE29-4071-9156-ABEFACA02BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0AFAF1-F061-4C0E-9550-206824C19466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5B410B3D-D43A-4A62-9CDB-69C4E16062DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C25C6C41-3CD6-4FA8-8223-996B010A40E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BADC5D37-AAB3-4709-A156-D2CDA3AB2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B96FCB-ABC8-4FBE-B386-4612B3FFF5D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4014961-4950-4C2D-9FE8-EBB089F2D080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C939A580-A0CA-4FC9-BCC0-1C7BAB6AB6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "542D14EE-F1FD-4E1D-BB5E-0E71C3A79186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAF5AC0-C9F3-4096-8071-FDE918291C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E090BEAD-535D-4CC0-8AEF-C66F6C57657F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9727CD66-4D54-4B80-843D-67BF421125A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD5EBFB-B2B6-4E71-A2F7-2ECADFC99DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "931F6A8E-AC22-49A7-ABC8-F9E685C5DB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD68C4D-47E0-4325-9B7F-A73F455CD7C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13C292CB-B53B-4E86-A994-D53154558E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "07793F4F-477E-4606-B262-F8216DEEA8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37FD7AAA-D27C-4B16-995A-AEC044C9E7C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F175B9E5-999F-4BBC-9B2C-AF71992ABE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E73C64A4-5353-43D2-8E60-9222B5C2403D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C262FB71-D4D4-4F1F-9D5A-5F948273EF73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB4F5155-562F-4923-8D21-B99A2E31BA05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "99D71BA3-1491-46F7-B684-30BE37ED79C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "045C0948-0D5C-4A91-B62A-5DA97A7CBCAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F406B34-FFEE-4DF6-8720-C6CD0C786694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2AF031D-8BE0-4D26-98B2-B4484A5F1657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DACCD55F-C3DC-4AE4-80F4-C873DCA3F763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6485D96D-95FE-4980-A476-922DBCCB362A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D867F5A-639B-4B4C-87F9-377869D925DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A906623-8A36-4211-98C4-4646A0489936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFF2C26-2B05-4949-B87A-E1EC1D4A8FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4F3780-BBEB-4355-AFAD-7F69176ECF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "380F457A-E570-437E-8F23-B354C8BB15A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FCEEC1-7917-4A33-A7DF-6FB35065E8F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "713FF10E-813F-4089-88CF-AB1368CDE376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB6F305-E6A6-4D74-BEF7-668FE6000529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8484147E-0054-4819-940C-FBDF533D6422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12B02585-2315-4143-BE33-47C509CE0D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EBB720-9AC9-42B4-80F7-2FF61020E58D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA0D966-9748-4B03-9EA9-63CD3B6990F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7475AFA-46FB-4035-97CB-0F37BCB7DD55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A12095D3-CB90-4EEF-B265-AE899BF0BCEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D91F0089-CBE6-4588-9BC0-E7947A050CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7DC56B-C888-4111-A000-27E34166EB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4A730D6E-327B-4E6C-9F38-6AC117EAED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7521C5A1-0441-4132-92BB-0F4DD93C0BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2ADB59B3-5C43-463B-B714-43264052134B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D98F8B98-71CB-421E-B2B5-4AF2C9B4BA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3347E60D-297F-425F-9644-9933650081BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wterm:wterm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5A2D96-4DD9-43C8-BC2B-BF0C65820F3A",
"versionEndIncluding": "6.2.8a2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wterm:wterm:6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "398586ED-E758-4D7A-B4D7-EDE57A044AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wterm:wterm:6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "21101465-3B77-441C-BC85-5E63E75A8D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
},
{
"lang": "es",
"value": "Rxvt versi\u00f3n 2.6.4 abre una ventana terminal en :0 si no se establece la variable de entorno DISPLAY, lo que podr\u00eda permitir a los usuarios locales secuestrar conexiones X11. NOTA: m\u00e1s tarde se inform\u00f3 que rxvt-unicode, mrxvt, aterm, multi-aterm y wterm tambi\u00e9n se ven afectados. NOTA: escenarios de ataque realistas requieren que la v\u00edctima ingrese un comando en la m\u00e1quina incorrecta"
}
],
"id": "CVE-2008-1142",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-07T17:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29576"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30224"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30225"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30226"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30227"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30229"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31687"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28512"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1142\n\nThis issue does not affect Red Hat Enterprise Linux 3, 4, or 5.\n\nThe Red Hat Security Response Team has rated this issue as having low security impact. Due to the minimal security consequences of this issue, we do not intend to fix this in Red Hat Enterprise Linux 2.1. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
"lastModified": "2008-04-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-0126
Vulnerability from fkie_nvd - Published: 2006-01-09 11:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rxvt-unicode | rxvt-unicode | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0312B278-4744-45C7-8C3E-143E9A3BE437",
"versionEndIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
}
],
"id": "CVE-2006-0126",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-09T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18301"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/22223"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/22223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-1142 (GCVE-0-2008-1142)
Vulnerability from cvelistv5 – Published: 2008-04-07 17:00 – Updated: 2024-08-07 08:08
VLAI?
Summary
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"name": "30226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30226"
},
{
"name": "28512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28512"
},
{
"name": "30229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30229"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "30225",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30225"
},
{
"name": "30227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30227"
},
{
"name": "GLSA-200805-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"name": "30224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30224"
},
{
"name": "MDVSA-2008:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"name": "MDVSA-2008:221",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"name": "29576",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29576"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-05-13T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"name": "30226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30226"
},
{
"name": "28512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28512"
},
{
"name": "30229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30229"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "30225",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30225"
},
{
"name": "30227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30227"
},
{
"name": "GLSA-200805-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"name": "30224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30224"
},
{
"name": "MDVSA-2008:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"name": "MDVSA-2008:221",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"name": "29576",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29576"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2008:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "http://article.gmane.org/gmane.comp.security.oss.general/122",
"refsource": "MISC",
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"name": "30226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30226"
},
{
"name": "28512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28512"
},
{
"name": "30229",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30229"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"name": "31687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31687"
},
{
"name": "30225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30225"
},
{
"name": "30227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30227"
},
{
"name": "GLSA-200805-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"name": "30224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30224"
},
{
"name": "MDVSA-2008:161",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"name": "MDVSA-2008:221",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"name": "29576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29576"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1142",
"datePublished": "2008-04-07T17:00:00",
"dateReserved": "2008-03-04T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0126 (GCVE-0-2006-0126)
Vulnerability from cvelistv5 – Published: 2006-01-09 11:00 – Updated: 2024-08-07 16:25
VLAI?
Summary
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22223",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22223"
},
{
"name": "18301",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18301"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"name": "ADV-2006-0052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22223",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22223"
},
{
"name": "18301",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18301"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"name": "ADV-2006-0052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22223",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22223"
},
{
"name": "18301",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18301"
},
{
"name": "http://dist.schmorp.de/rxvt-unicode/Changes",
"refsource": "CONFIRM",
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"name": "ADV-2006-0052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0126",
"datePublished": "2006-01-09T11:00:00",
"dateReserved": "2006-01-09T00:00:00",
"dateUpdated": "2024-08-07T16:25:33.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1142 (GCVE-0-2008-1142)
Vulnerability from nvd – Published: 2008-04-07 17:00 – Updated: 2024-08-07 08:08
VLAI?
Summary
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"name": "30226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30226"
},
{
"name": "28512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28512"
},
{
"name": "30229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30229"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "30225",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30225"
},
{
"name": "30227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30227"
},
{
"name": "GLSA-200805-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"name": "30224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30224"
},
{
"name": "MDVSA-2008:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"name": "MDVSA-2008:221",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"name": "29576",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29576"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-05-13T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"name": "30226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30226"
},
{
"name": "28512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28512"
},
{
"name": "30229",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30229"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "30225",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30225"
},
{
"name": "30227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30227"
},
{
"name": "GLSA-200805-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"name": "30224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30224"
},
{
"name": "MDVSA-2008:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"name": "MDVSA-2008:221",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"name": "29576",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29576"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2008:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "http://article.gmane.org/gmane.comp.security.oss.general/122",
"refsource": "MISC",
"url": "http://article.gmane.org/gmane.comp.security.oss.general/122"
},
{
"name": "30226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30226"
},
{
"name": "28512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28512"
},
{
"name": "30229",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30229"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296"
},
{
"name": "31687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31687"
},
{
"name": "30225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30225"
},
{
"name": "30227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30227"
},
{
"name": "GLSA-200805-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-03.xml"
},
{
"name": "30224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30224"
},
{
"name": "MDVSA-2008:161",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:161"
},
{
"name": "MDVSA-2008:221",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:221"
},
{
"name": "29576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29576"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1142",
"datePublished": "2008-04-07T17:00:00",
"dateReserved": "2008-03-04T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0126 (GCVE-0-2006-0126)
Vulnerability from nvd – Published: 2006-01-09 11:00 – Updated: 2024-08-07 16:25
VLAI?
Summary
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22223",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22223"
},
{
"name": "18301",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18301"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"name": "ADV-2006-0052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22223",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22223"
},
{
"name": "18301",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18301"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"name": "ADV-2006-0052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22223",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22223"
},
{
"name": "18301",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18301"
},
{
"name": "http://dist.schmorp.de/rxvt-unicode/Changes",
"refsource": "CONFIRM",
"url": "http://dist.schmorp.de/rxvt-unicode/Changes"
},
{
"name": "ADV-2006-0052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0126",
"datePublished": "2006-01-09T11:00:00",
"dateReserved": "2006-01-09T00:00:00",
"dateUpdated": "2024-08-07T16:25:33.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}