ETerm Window Title Reporting Escape Sequence Command Execution Vulnerability

eterm's window title reporting feature may be abused to execute arbitrary commands on the system running the vulnerable terminal emulator. The terminal software supports escape sequences which can change the title of a terminal window and then report the title back to the command line. In this manner, an attacker can inject malicious escape sequences which include arbitrary commands in the terminal window title and then cause the commands to be displayed on the command line.

It is possible to exploit this issue if an attacker can cause malicious escape sequences to be displayed in a terminal window of a vulnerable terminal emulator. Exploitation will still require the user to press 'Enter' once the malicious commands are dumped from the window title to the command line. Other emulator features may be used to obfuscate the attack and trick the user into pressing 'Enter'.


Privacy Statement
Copyright 2010, SecurityFocus