[15178] in bugtraq
Re: [rootshell.com] Xterm DoS Attack
daemon@ATHENA.MIT.EDU (gavina@CSIS.GVSU.EDU)
Sat Jun 3 20:37:29 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0006021644330.17797-100000@eos13.csis.gvsu.edu>
Date: Fri, 2 Jun 2000 16:46:57 -0400
Reply-To: gavina@CSIS.GVSU.EDU
From: gavina@CSIS.GVSU.EDU
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200006021221.WAA20903@cairo.anu.edu.au>
On Thu, 1 June 2000, Kit Knox wrote:
>
> /*
> *
> * xterm Denial of Service Attack
> * (C) 2000 Kit Knox <kit@rootshell.com> - 5/31/2000
> *
> * Tested against: xterm (XFree86 3.3.3.1b(88b) -- crashes
> * rxvt v2.6.1 -- consumes all available memory and then
> * crashes.
aterm 0.3.6 is not vulnerable. When you cat a file containing that
string, it displays nothing. Using a text editor, you can see the
contents.
------------------------
"He who rides the pony must someday fall."
- Andrew Wood
