CVE-2003-0022

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2003-0022
The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html Vendor Advisory
http://marc.info/?l=bugtraq&m=104612710031920&w=2
http://www.iss.net/security_center/static/11413.php Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:034
http://www.redhat.com/support/errata/RHSA-2003-054.html
http://www.redhat.com/support/errata/RHSA-2003-055.html
http://www.securityfocus.com/bid/6938
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html Vendor Advisory
http://marc.info/?l=bugtraq&m=104612710031920&w=2
http://www.iss.net/security_center/static/11413.php Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:034
http://www.redhat.com/support/errata/RHSA-2003-054.html
http://www.redhat.com/support/errata/RHSA-2003-055.html
http://www.securityfocus.com/bid/6938
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rxvt:rxvt:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:rxvt:rxvt:2.7.8:*:*:*:*:*:*:*
History

20 Nov 2024, 23:43

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html - Vendor Advisory () http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html - Vendor Advisory
References () http://marc.info/?l=bugtraq&m=104612710031920&w=2 - () http://marc.info/?l=bugtraq&m=104612710031920&w=2 -
References () http://www.iss.net/security_center/static/11413.php - Vendor Advisory () http://www.iss.net/security_center/static/11413.php - Vendor Advisory
References () http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:034 - () http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:034 -
References () http://www.redhat.com/support/errata/RHSA-2003-054.html - () http://www.redhat.com/support/errata/RHSA-2003-054.html -
References () http://www.redhat.com/support/errata/RHSA-2003-055.html - () http://www.redhat.com/support/errata/RHSA-2003-055.html -
References () http://www.securityfocus.com/bid/6938 - () http://www.securityfocus.com/bid/6938 -
Information

Published : 2003-03-03 05:00

Updated : 2024-11-20 23:43

NVD link : CVE-2003-0022

Mitre link : CVE-2003-0022

CVE.ORG link : CVE-2003-0022

JSON object : View

Products Affected

rxvt

  • rxvt
CWE
NVD-CWE-Other