oss-sec mailing list archives
Re: Terminal escape sequences - the new XSS for admins?
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Mon, 31 Aug 2015 22:50:11 -0700
I definitely think it deserves a closer look. Here are three recent finds that kcwu reported after apparently testing GNU screen with afl-fuzz: https://savannah.gnu.org/bugs/?45713 https://savannah.gnu.org/bugs/?45715 https://savannah.gnu.org/bugs/?45714
Ditto for tmux: https://github.com/tmux/tmux/issues/92 /mz
Current thread:
- Re: Terminal escape sequences - the new XSS for admins?, (continued)
- Re: Terminal escape sequences - the new XSS for admins? Steve Grubb (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Stephane Chazelas (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Florian Weimer (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Andy Lutomirski (Aug 11)
- Re: Re: Terminal escape sequences - the new XSS for admins? Steve Grubb (Aug 11)
- Re: Re: Terminal escape sequences - the new XSS for admins? Robert Święcki (Aug 12)
- Re: Re: Terminal escape sequences - the new XSS for admins? Dave Horsfall (Aug 12)
- Re: Terminal escape sequences - the new XSS for admins? Steve Grubb (Aug 11)
- Re: Terminal escape sequences - the new XSS for admins? Solar Designer (Aug 17)
- Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski (Aug 31)
- Re: Terminal escape sequences - the new XSS for admins? Michal Zalewski (Aug 31)