Lucene search
RootSSV:2106HistoryAug 14, 2007 - 12:00 a.m.
Xfce-Terminal远程命令注入漏洞
2007-08-1400:00:00
Root
www.seebug.org
10
0.02 Low
EPSS
Percentile
89.0%
BUGTRAQ ID: 24889
CVE(CAN) ID: CVE-2007-3770
Xfce Terminal是Xfce桌面环境的控制台工具。
Xfce Terminal在使用URL串构造命令调用时存在漏洞,远程攻击者可能利用此漏洞诱使用户执行恶意Shell命令。
Xfce-Terminal 0.2.6
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
<a href=“http://www.xfce.org/” target=“_blank”>http://www.xfce.org/</a>
http://foo.bar/$(xterm)/
http://google.com/search?q=$(ls)&sourceid=b0rk
http://google.com/search?q=$HOME
Related
fedora
fedora
[SECURITY] Fedora 7 Update: Terminal-0.2.6-3.fc7
2007-08-15 19:48:33
[SECURITY] Fedora 7 Update: Terminal-0.2.8-2.fc7
2007-12-15 19:29:50
openvas
openvas
Fedora Update for Terminal FEDORA-2007-1620
2009-02-27 00:00:00
Fedora Update for Terminal FEDORA-2007-4385
2009-02-27 00:00:00
Debian: Security Advisory (DSA-1393-1)
2008-01-17 00:00:00
cve
cve
CVE-2007-3770
2007-07-15 21:30:00
nessus
nessus
GLSA-200708-07 : Xfce Terminal: Remote arbitrary code execution
2007-08-13 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 : xfce4-terminal vulnerability (USN-497-1)
2007-11-10 00:00:00
Debian DSA-1393-1 : xfce4-terminal - insecure execution
2007-10-25 00:00:00
ubuntu
ubuntu
xfce4-terminal vulnerability
2007-08-14 00:00:00
debian
debian
nvd
nvd
CVE-2007-3770
2007-07-15 21:30:00
cvelist
cvelist
CVE-2007-3770
2007-07-15 21:00:00
securityvulns
securityvulns
Xfce terminal client unescaped shell characters vulnerability
2007-08-14 00:00:00
[ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution
2007-08-14 00:00:00
prion
prion
Open redirect
2007-07-15 21:30:00
gentoo
gentoo
Xfce Terminal: Remote arbitrary code execution
2007-08-11 00:00:00
debiancve
debiancve
CVE-2007-3770
2007-07-15 21:30:00
ubuntucve
ubuntucve
CVE-2007-3770
2007-07-15 00:00:00