VULHUB ™

The Xterm terminal fails to sufficiently filter certain potentially malicious loop-based escape sequences, leaving the terminal open to attacks including attacker-initiated tight loops that may exhaust CPU resources. The problem has been reported to result from a lack of sufficient sanitization of potentially malicious escape sequences, which are handled by the DEC UDK processor implementation in the vulnerable terminal. It is possible to exploit these issues if an attacker can cause malicious escape sequences to be displayed in a terminal window of a vulnerable terminal emulator.

The Xterm terminal fails to sufficiently filter certain potentially malicious loop-based escape sequences, leaving the terminal open to attacks including attacker-initiated tight loops that may exhaust CPU resources. The problem has been reported to result from a lack of sufficient sanitization of potentially malicious escape sequences, which are handled by the DEC UDK processor implementation in the vulnerable terminal. It is possible to exploit these issues if an attacker can cause malicious escape sequences to be displayed in a terminal window of a vulnerable terminal emulator.