VUPEN Security - Debian Security Update Fixes Xterm Command Execution Vulnerability / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Debian Security Update Fixes Xterm Command Execution Vulnerability

Title : Debian Security Update Fixes Xterm Command Execution Vulnerability
VUPEN ID : VUPEN/ADV-2009-0031
CVE ID : CVE-2008-2383
Rated as : Low Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2009-01-07

Technical Description

A vulnerability has been identified in Debian, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in Xterm. For additional information, see : VUPEN/ADV-2009-0002

Affected Products

Debian GNU/Linux etch
Debian GNU/Linux sid
Debian GNU/Linux lenny

Solution

Debian GNU/Linux etch - Upgrade to xterm version 222-1etch4
Debian GNU/Linux sid - Upgrade to xterm version 235-2
Debian GNU/Linux lenny - Upgrade to xterm version 238-2

References

http://www.vupen.com/english/advisories/2009/0031
http://lists.debian.org/debian-security-announce/2009/msg00002.html

ChangeLog

2009-01-07 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Latest News

>> 2009-06-10