xtell Trusted TTY Device Name Remote Vulnerability

xtell is a simple network messaging program. It may be used to transmit terminal messages between users and machines. xtell is available for Linux, BSD, and most other Unix-based operating systems.

xtell accepts untrusted user input as the TTY device to write to. In addition to specifying arbitrary devices, it is possible to mount a '../' directory traversal against arbitrary files. The value supplied as a device name is restricted to eight characters.

It may also be possible to exhaust available disk space by specifying a regular file instead of a device name.

Earlier versions of xtell may share this vulnerability. This has not been confirmed.
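
The check that the untrusted device name calls for, covering both the '../' traversal and the regular-file case described above, as an added example (not xtell's code or its fix). The helper names tty_name_ok and open_tty_checked, the 32-character limit and the recipient-ownership test are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper. Allowlist: letters, digits, single '/' ("pts/3"). */
int tty_name_ok(const char *name)
{
    size_t len = strlen(name);
    if (len == 0 || len > 32 || name[0] == '/' || name[len - 1] == '/')
        return 0;
    for (size_t i = 0; i < len; i++)
        if (!isalnum((unsigned char)name[i]) &&
            !(name[i] == '/' && name[i + 1] != '/'))
            return 0;   /* dots never pass, so "../" cannot appear */
    return 1;
}

/* Hypothetical helper: fd for /dev/<name>, or -1 unless it is a character
 * device, a terminal, and owned by the recipient (ownership: assumption). */
int open_tty_checked(const char *name, uid_t recipient)
{
    char path[64];
    struct stat st;
    int fd;
    if (!tty_name_ok(name))
        return -1;
    snprintf(path, sizeof path, "/dev/%s", name);
    /* No O_CREAT: a missing name fails instead of creating a file. */
    fd = open(path, O_WRONLY | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode) ||
        st.st_uid != recipient || !isatty(fd)) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    const char *names[] = { "tty1", "pts/3", "../etc/x", "/etc/pwd" }; /* constructed */
    for (int i = 0; i < 4; i++)
        printf("%-9s %s\n", names[i], tty_name_ok(names[i]) ? "ok" : "rejected");
    return 0;
}
```

The name filter alone is not sufficient: the fstat() and isatty() checks run on the already opened descriptor, so the object that was validated is the object that gets written to.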


 

Copyright 2010, SecurityFocus