Multiple vendor terminal emulator DEC UDK denial of service

terminal-emulator-dec-udk (11415) The risk level is classified as MediumMedium Risk

Description:

Multiple vendor terminal emulator software packages, including hanterm-xf is vulnerable to a denial of service attack, caused by improper handling of malformed escape sequences during DEC UDK processing. Escape sequences are a series of characters that begin with the ASCII (0x1B) sequence and are followed by a series of arguments. If an attacker could inject malformed escape sequences into a user's terminal emulator session, the attacker could cause the terminal emulator to enter into a loop and crash.


Consequences:

Denial of Service

Remedy:

For Red Hat Linux containing the hanterm package:
Upgrade to the latest hanterm package, as listed below. Refer to RHSA-2003:070-12 for more information. See References.

Red Hat 7.2 and 7.3: 2.0.5-5.7.4 or later
Red Hat 8.0: 2.0.5-5.8.0 or later

For Red Hat Linux 8.0 containing the XFree86 packag:
Upgrade to the latest XFree86 package (4.2.1-21 or later), as listed in RHSA-2003:067-19. See References.

For Red Hat Linux containing the hanterm package:
Upgrade to the latest hanterm package, as listed below. Refer to RHSA-2003:071-12 for more information. See References.

Red Hat Enterprise Linux AS (v. 2.1), ES (v.2.1), WS (v.2.1), and Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor: 2.0.5-5.AS21.1 or later

For Sun Linux 5.0:
Apply the appropriate patch for your system. Refer to Sun Alert ID: 55602 for more information. See References.

For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest xfree86 package (4.1.0-16woody1 or later), as listed in DSA-380-1. See References.

For HP-UX 11.00, 11.11,11.22, and 11.23:
Apply the update for this vulnerability, as listed in Hewlett-Packard Security Bulletin HPSBUX01019. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

  • CIAC Information Bulletin N-110: Red Hat Updated XFree86 Packages Provide Security and Bug Fixes.
  • Sun Alert ID: 55602: Sun Linux 5.0 Security Vulnerabilities in XFree86 Packages.
  • VulnWatch Mailing List, Mon Feb 24 2003 - 15:02:52 CST : Terminal Emulator Security Issues .
  • BID-6944: Hanterm-XF Loop-Based Escape Sequence Denial of Service Vulnerability
  • BID-6950: Xterm Loop-Based Escape Sequence Denial Of Service Vulnerability
  • BID-9930: Apache Error and Access Logs Escape Sequence Injection Vulnerability
  • CVE-2003-0071: The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
  • CVE-2003-0079: The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
  • DSA-380: xfree86 -- buffer overflows
  • OSVDB ID: 4918: Hangul Terminal hanterm-xf DoS
  • RHSA-2003-064: Updated XFree86 4.1.0 packages are available
  • RHSA-2003-065: XFree86 security update
  • RHSA-2003-066: Updated XFree86 packages provide security and bug fixes
  • RHSA-2003-067: Updated XFree86 packages provide security and bug fixes
  • RHSA-2003-070: Updated hanterm packages provide security fixes
  • RHSA-2003-071: hanterm-xf security update

Platforms Affected:

  • Debian Debian Linux 3.0
  • HP HP-UX 11.00
  • HP HP-UX 11.11
  • HP HP-UX 11.22
  • HP HP-UX 11.23
  • Jake Song hanterm-xf 2.0
  • RedHat Enterprise Linux 2.1 AW
  • RedHat Enterprise Linux 2.1 WS
  • RedHat Enterprise Linux 2.1 ES
  • RedHat Enterprise Linux 2.1 AS
  • RedHat Linux 7.1
  • RedHat Linux 7.2
  • RedHat Linux 7.3
  • RedHat Linux 8.0
  • RedHat Linux Advanced Workstation 2.1 Itanium
  • Sun Linux 5.0
  • XFree86 XFree86 4.2.0

Reported:

Feb 24, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page