oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Terminal escape sequences - the new XSS for admins?

From: Michal Zalewski <lcamtuf () coredump cx>
Date: Mon, 31 Aug 2015 22:50:11 -0700
I definitely think it deserves a closer look. Here are three recent
finds that kcwu reported after apparently testing GNU screen with
afl-fuzz:

https://savannah.gnu.org/bugs/?45713
https://savannah.gnu.org/bugs/?45715
https://savannah.gnu.org/bugs/?45714


Ditto for tmux:
https://github.com/tmux/tmux/issues/92

/mz
Previous By Date Next
Previous By Thread Next

Current thread: