Summary
The remote host is missing an update to rxvt announced via advisory DSA 062-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20062-1
Insight
Samuel Dralet reported on Bugtraq that version 2.6.2 of rxvt (a VT102 terminal emulator for X) has a buffer overflow in the tt_printf() function. A local user could abuse this by making rxvt print a special string using that function, for example by using the -T or -name command-line options. That string would cause a stack overflow and contain code which rxvt will execute.
Since rxvt is installed sgid utmp, an attacker could use this to gain utmp group privileges, which would allow him to modify the utmp file.
This has been fixed in version 2.6.2-2.1, and we recommend that you upgrade your rxvt package.
Severity
Classification
CVE: CVE-2001-1077
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P