Bugtraq mailing list archives
Re: [rootshell.com] Xterm DoS Attack
From: mej () VALINUX COM (Michael Jennings)
Date: Thu, 1 Jun 2000 19:29:46 -0700
On Thursday, 01 June 2000, at 11:21:16 (-0700), Kit Knox wrote:
* xterm Denial of Service Attack * (C) 2000 Kit Knox <kit () rootshell com> - 5/31/2000 * * Tested against: xterm (XFree86 3.3.3.1b(88b) -- crashes * rxvt v2.6.1 -- consumes all available memory and then * crashes.
All current versions of Eterm are vulnerable. Attached are patches to Eterm 0.8.10 and 0.9. Similar changes have been committed to 0.8.11 and 0.9.1 in CVS. Michael -- "Greater than the death of flesh is the death of hope, the death of dreams. Against this peril we can never surrender." -- G'Kar, Babylon 5 ======================================================================= Michael Jennings <mej () eterm org> www.tcserv.com PGP Key ID: BED09971 Software Engineer, VA Linux Systems Author, Eterm (www.eterm.org) <HR NOSHADE> <UL> <LI>text/plain attachment: Eterm-0.8.10-DoS.patch </UL> <HR NOSHADE> <UL> <LI>text/plain attachment: Eterm-0.9-DoS.patch </UL>
Current thread:
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- [rootshell.com] Xterm DoS Attack Kit Knox (Jun 01)
- Re: [rootshell.com] Xterm DoS Attack Michael Jennings (Jun 01)
- Re: [rootshell.com] Xterm DoS Attack Walt (Jun 01)
- Re: [rootshell.com] Xterm DoS Attack Soeren Staun-Pedersen (Jun 02)
- Insecure encryption in PassWD v1.2 Daniel Roethlisberger (Jun 03)
- Re: [rootshell.com] Xterm DoS Attack Wakko Ellington Warner-Warner III (Jun 04)
- Linux-Mandrake Xlockmore security update Chmouel Boudjnah (Jun 04)
- Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
- Re: [rootshell.com] Xterm DoS Attack Darren Reed (Jun 02)
- Re: [rootshell.com] Xterm DoS Attack gavina () CSIS GVSU EDU (Jun 02)
- [Debian] Majordomo will be removed Aleph One (Jun 03)
- /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Paulo Ribeiro (Jun 02)