CVE-2008-1142 — LOW (3.7) — White Hats Nepal

Q: How severe is CVE-2008-1142?

CVE-2008-1142 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-1142?

Check the references section above for vendor advisories and patch information. Affected products include: Aterm Aterm, Eterm Eterm, Mrxvt Mrxvt, Multi-Aterm Multi-Aterm, Rxvt Rxvt.

Vulnerability Description

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

CVSS Score

3.7

LOW

AV:L/AC:H/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Aterm	Aterm	<= 1.0.0
Eterm	Eterm	<= 0.9.3
Mrxvt	Mrxvt	<= 0.5.2
Multi-Aterm	Multi-Aterm	<= 0.2
Rxvt	Rxvt	<= 2.7.9
Rxvt-Unicode	Rxvt-Unicode	<= 9.01
Wterm	Wterm	<= 6.2.8a2

Related Weaknesses (CWE)

CWE-264

References

http://article.gmane.org/gmane.comp.security.oss.general/122
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://secunia.com/advisories/29576Vendor Advisory
http://secunia.com/advisories/30224Vendor Advisory
http://secunia.com/advisories/30225Vendor Advisory
http://secunia.com/advisories/30226Vendor Advisory
http://secunia.com/advisories/30227Vendor Advisory
http://secunia.com/advisories/30229Vendor Advisory
http://secunia.com/advisories/31687Vendor Advisory
http://security.gentoo.org/glsa/glsa-200805-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:161
http://www.mandriva.com/security/advisories?name=MDVSA-2008:221
http://www.securityfocus.com/bid/28512Patch
http://article.gmane.org/gmane.comp.security.oss.general/122

FAQ

What is CVE-2008-1142?

CVE-2008-1142 is a vulnerability with a CVSS score of 3.7 (LOW). rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt,...

How severe is CVE-2008-1142?

CVE-2008-1142 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-1142?

Check the references section above for vendor advisories and patch information. Affected products include: Aterm Aterm, Eterm Eterm, Mrxvt Mrxvt, Multi-Aterm Multi-Aterm, Rxvt Rxvt.