VULHUB ™

xterm denial of service attack - By sending the VT control characters to resize a window it is possible to cause an xterm to crash and in some cases consume all available memory. This is a problem because remote users can inject these control characters into your xterm in many different ways. This sample exploit injects these control characters into a web get request. If an admin were to cat this log file, or happened to be doing a "tail -f access_log" at the time of attack they would find their xterm crashed. Tested against rxvt v2.6.1 and xterm (XFree86 3.3.3.1b(88b).

xterm denial of service attack - By sending the VT control characters to resize a window it is possible to cause an xterm to crash and in some cases consume all available memory. This is a problem because remote users can inject these control characters into your xterm in many different ways. This sample exploit injects these control characters into a web get request. If an admin were to cat this log file, or happened to be doing a "tail -f access_log" at the time of attack they would find their xterm crashed. Tested against rxvt v2.6.1 and xterm (XFree86 3.3.3.1b(88b).