Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2383HistoryJan 02, 2009 - 6:11 p.m.
CVE-2008-2383
2009-01-0218:11:09
Debian Security Bug Tracker
security-tracker.debian.org
16
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.012 Low
EPSS
Percentile
85.1%
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xterm | < 238-2 | xterm_238-2_all.deb |
| Debian | 11 | all | xterm | < 238-2 | xterm_238-2_all.deb |
| Debian | 999 | all | xterm | < 238-2 | xterm_238-2_all.deb |
| Debian | 13 | all | xterm | < 238-2 | xterm_238-2_all.deb |
Related
cve
cve
openvas
openvas
Fedora Core 9 FEDORA-2009-0059 (xterm)
2009-01-07 00:00:00
FreeBSD Ports: xterm
2009-01-07 00:00:00
Fedora Core 10 FEDORA-2009-0091 (xterm)
2009-01-07 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: xterm-238-1.fc8
2009-01-07 09:25:00
[SECURITY] Fedora 9 Update: xterm-238-1.fc9
2009-01-07 09:12:14
[SECURITY] Fedora 10 Update: xterm-238-1.fc10
2009-01-07 09:16:50
nessus
nessus
Fedora 37 : kitty (2023-3746647cc3)
2023-07-27 00:00:00
Fedora 9 : xterm-238-1.fc9 (2009-0059)
2009-01-16 00:00:00
Fedora 38 : kitty (2023-a004ecb3f8)
2023-07-26 00:00:00
nvd
nvd
prion
prion
Crlf injection
2009-01-02 18:11:00
Code injection
2017-01-23 21:59:00
ubuntucve
ubuntucve
cvelist
cvelist
osv
osv
SwiftTerm Code Injection vulnerability
2023-07-14 21:58:43
xfree86 - buffer overflows, denial of service
2003-09-12 00:00:00
xterm - remote code execution
2009-01-02 00:00:00
github
github
SwiftTerm Code Injection vulnerability
2023-07-14 21:58:43
debian
debian
[SECURITY] [DSA-380-1] New xfree86 packages fix multiple vulnerabilities
2003-09-12 18:55:36
[SECURITY] [DSA 1694-2] New xterm packages fix regression
2009-01-06 11:40:11
[SECURITY] [DSA 1694-1] New xterm packages fix remote code execution
2009-01-02 19:07:44
redhat
redhat
(RHSA-2003:065) XFree86 security update
2003-06-25 00:00:00
(RHSA-2009:0018) Important: xterm security update
2009-01-07 00:00:00
(RHSA-2009:0019) Important: hanterm-xf security update
2009-01-07 00:00:00
securityvulns
securityvulns
[RHSA-2003:067-00] Updated XFree86 packages provide security and bug fixes
2003-06-25 00:00:00
Terminal Emulator Security Issues
2003-02-25 00:00:00
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00
veracode
veracode
CRLF Injection
2020-04-10 00:28:46
gentoo
gentoo
xterm: User-assisted arbitrary commands execution
2009-02-12 00:00:00
centos
centos
hanterm security update
2009-02-02 23:25:09
xterm security update
2009-01-07 22:24:51
freebsd
freebsd
xterm -- DECRQSS remote command execution vulnerability
2008-12-28 00:00:00
oraclelinux
oraclelinux
xterm security update
2009-01-07 00:00:00
slackware
slackware
xterm
2009-03-10 10:26:52
debiancve
debiancve
CVE-2015-8971
2017-01-23 21:59:00
ubuntu
ubuntu
xterm vulnerabilities
2009-01-06 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.012 Low
EPSS
Percentile
85.1%
Related for DEBIANCVE:CVE-2008-2383