Bugtraq mailing list archives
Re: [rootshell.com] Xterm DoS Attack
From: mej () VALINUX COM (Michael Jennings)
Date: Thu, 1 Jun 2000 19:29:46 -0700
On Thursday, 01 June 2000, at 11:21:16 (-0700), Kit Knox wrote:
* xterm Denial of Service Attack * (C) 2000 Kit Knox <kit () rootshell com> - 5/31/2000 * * Tested against: xterm (XFree86 3.3.3.1b(88b) -- crashes * rxvt v2.6.1 -- consumes all available memory and then * crashes.
All current versions of Eterm are vulnerable. Attached are patches to
Eterm 0.8.10 and 0.9. Similar changes have been committed to 0.8.11
and 0.9.1 in CVS.
Michael
--
"Greater than the death of flesh is the death of hope, the death of
dreams. Against this peril we can never surrender."
-- G'Kar, Babylon 5
=======================================================================
Michael Jennings <mej () eterm org> www.tcserv.com PGP Key ID: BED09971
Software Engineer, VA Linux Systems Author, Eterm (www.eterm.org)
<HR NOSHADE>
<UL>
<LI>text/plain attachment: Eterm-0.8.10-DoS.patch
</UL>
<HR NOSHADE>
<UL>
<LI>text/plain attachment: Eterm-0.9-DoS.patch
</UL>
Current thread:
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- [rootshell.com] Xterm DoS Attack Kit Knox (Jun 01)
- Re: [rootshell.com] Xterm DoS Attack Michael Jennings (Jun 01)
- Re: [rootshell.com] Xterm DoS Attack Walt (Jun 01)
- Re: [rootshell.com] Xterm DoS Attack Soeren Staun-Pedersen (Jun 02)
- Insecure encryption in PassWD v1.2 Daniel Roethlisberger (Jun 03)
- Re: [rootshell.com] Xterm DoS Attack Wakko Ellington Warner-Warner III (Jun 04)
- Linux-Mandrake Xlockmore security update Chmouel Boudjnah (Jun 04)
- Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
- Re: [rootshell.com] Xterm DoS Attack Darren Reed (Jun 02)
- Re: [rootshell.com] Xterm DoS Attack gavina () CSIS GVSU EDU (Jun 02)
- [Debian] Majordomo will be removed Aleph One (Jun 03)
- /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Paulo Ribeiro (Jun 02)