Debian Eterm vulnerabilities
5 known vulnerabilities affecting debian/eterm.
Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 2, LOW 1
Vulnerabilities
CVE-2021-33477 | HIGH | CVSS 8.8 | fixed in eterm 0.9.6-6.1 (bookworm) | 2021
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.
Scope: local
bookworm: resolved (fixed in 0.9.6-6.1)
bullseye: resolved (fixed in 0.9.6-6.1)
forky: resolved (fixed in 0.9.6-6.1)
sid: resolved (fixed in 0.9.6-
CVE-2008-1692 | LOW | CVSS 6.9 | fixed in eterm 0.9.4.0debian1-2.1 (bookworm) | 2008
CVE-2008-1692 [MEDIUM] CVE-2008-1692: eterm - Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the D...
Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
Scope: local
bookworm: resolved (fixed in 0.9.4.0debian1-2.1)
bullseye: resolved (fixed in 0.9.4.
CVE-2003-0068 | HIGH | CVSS 7.5 | fixed in eterm 0.9.2-6 (bookworm) | 2003
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
Scope: local
bookworm: resolved (fixed in 0.9
CVE-2003-0021 | MEDIUM | CVSS 5.0 | fixed in eterm 0.9.2-1 (bookworm) | 2003
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
Scope: local
bookworm: resolved (fixed in 0.9.2-1)
bullseye: resolved (fixed in 0.9.2-1)
forky: resolved (fixed in 0.9.2-1)
CVE-2003-0382 | MEDIUM | CVSS 4.6 | fixed in eterm 0.9.2-1 (bookworm) | 2003
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.
Scope: local
bookworm: resolved (fixed in 0.9.2-1)
bullseye: resolved (fixed in 0.9.2-1)
forky: resolved (fixed in 0.9.2-1)
sid: resolved (fixed in 0.9.2-1)