| Vulnerability Name: | CVE-2003-0071 (CCN-11415) | ||||||||
| Assigned: | 2003-02-24 | ||||||||
| Published: | 2003-02-24 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: CCN Type: VulnWatch Mailing List, Mon Feb 24 2003 - 15:02:52 CST Terminal Emulator Security Issues Source: VULNWATCH Type: Vendor Advisory 20030224 Terminal Emulator Security Issues Source: MITRE Type: CNA CVE-2003-0071 Source: MITRE Type: CNA CVE-2003-0079 Source: BUGTRAQ Type: UNKNOWN 20030224 Terminal Emulator Security Issues Source: CCN Type: RHSA-2003-064 Updated XFree86 4.1.0 packages are available Source: CCN Type: RHSA-2003-065 XFree86 security update Source: CCN Type: RHSA-2003-066 Updated XFree86 packages provide security and bug fixes Source: CCN Type: RHSA-2003-067 Updated XFree86 packages provide security and bug fixes Source: CCN Type: RHSA-2003-070 Updated hanterm packages provide security fixes Source: CCN Type: RHSA-2003-071 hanterm-xf security update Source: CCN Type: Sun Alert ID: 55602 Sun Linux 5.0 Security Vulnerabilities in XFree86 Packages Source: CCN Type: CIAC Information Bulletin N-110 Red Hat Updated XFree86 Packages Provide Security and Bug Fixes Source: DEBIAN Type: UNKNOWN DSA-380 Source: DEBIAN Type: DSA-380 xfree86 -- buffer overflows Source: XF Type: Vendor Advisory terminal-emulator-dec-udk(11415) Source: CCN Type: OSVDB ID: 4918 Hangul Terminal hanterm-xf DoS Source: REDHAT Type: UNKNOWN RHSA-2003:064 Source: REDHAT Type: UNKNOWN RHSA-2003:065 Source: REDHAT Type: UNKNOWN RHSA-2003:066 Source: REDHAT Type: UNKNOWN RHSA-2003:067 Source: CCN Type: BID-6944 Hanterm-XF Loop-Based Escape Sequence Denial of Service Vulnerability Source: BID Type: UNKNOWN 6950 Source: CCN Type: BID-6950 Xterm Loop-Based Escape Sequence Denial Of Service Vulnerability Source: CCN Type: BID-9930 Apache Error and Access Logs Escape Sequence Injection Vulnerability Source: XF Type: UNKNOWN terminal-emulator-dec-udk(11415) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||