• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RXVT Menu Bar Escape Sequence Command Execution Vulnerability

rxvt's MenuBar feature may be abused to execute arbitrary commands. Menu items may be added to the terminal emulator which contain arbitrary commands. If this menu item is later accessed by the terminal user, the arbitrary commands may be executed.

It is possible to exploit this issue if an attacker can cause malicious escape sequences to be displayed in a terminal window of a vulnerable terminal emulator.