CVE-2021-33477 - Improper Handling of Exceptional Conditions

Severity

88%

Complexity

27%

Confidentiality

98%

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

CVSS 3.1 Base Score 8.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Overview

First reported 2 years ago

2021-05-20 20:15:00

Last updated 2 years ago

2021-08-02 03:15:00

Affected Software

rxvt Project rxvt 2.7.10

2.7.10

References

https://git.enlightenment.org/apps/eterm.git/log/

https://www.openwall.com/lists/oss-security/2017/05/01/20

https://sourceforge.net/projects/rxvt/files/rxvt-dev/

http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583

https://www.openwall.com/lists/oss-security/2021/05/17/1

https://packetstormsecurity.com/files/162621/rxvt-2.7.0-rxvt-unicode-9.22-Code-Execution.html

https://sourceforge.net/projects/materm/files/mrxvt%20source/

http://cvs.schmorp.de/rxvt-unicode/Changes?view=log

GLSA-202105-17

https://git.enlightenment.org/apps/eterm.git/log/

Third Party Advisory

https://www.openwall.com/lists/oss-security/2017/05/01/20

Mailing List, Third Party Advisory

https://sourceforge.net/projects/rxvt/files/rxvt-dev/

Product, Third Party Advisory

http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583

Patch, Third Party Advisory

https://www.openwall.com/lists/oss-security/2021/05/17/1

Exploit, Mailing List, Third Party Advisory

https://packetstormsecurity.com/files/162621/rxvt-2.7.0-rxvt-unicode-9.22-Code-Execution.html

Exploit, Third Party Advisory, VDB Entry

https://sourceforge.net/projects/materm/files/mrxvt%20source/

Product, Third Party Advisory

http://cvs.schmorp.de/rxvt-unicode/Changes?view=log

Third Party Advisory

GLSA-202105-17

Third Party Advisory

[debian-lts-announce] 20210530 [SECURITY] [DLA 2671-1] rxvt-unicode security update

FEDORA-2021-a4c0a91884

FEDORA-2021-5b96f0f5db

FEDORA-2021-c883ca2a37

FEDORA-2021-8b85b2de05

[debian-lts-announce] 20210609 [SECURITY] [DLA 2681-1] eterm security update

[debian-lts-announce] 20210609 [SECURITY] [DLA 2682-1] mrxvt security update

[debian-lts-announce] 20210609 [SECURITY] [DLA 2683-1] rxvt security update

FEDORA-2021-71556a5722

FEDORA-2021-0d3268fc35

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.