FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 18:35:25 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
027380b7-3404-11d9-ac1b-000d614f7fad	hafiye -- lack of terminal escape sequence filtering A siyahsapka.org advisory reads: Hafiye-1.0 doesnt filter the payload when printing it to the terminal. A malicious attacker can send packets with escape sequence payloads to exploit this vulnerability. If Hafiye has been started with -n packet count option , the vulnerability could allow remote code execution. For remote code execution the victim must press Enter after program exit. Note that it appears that this bug can only be exploited in conjunction with a terminal emulator that honors the appropriate escape sequences. Discovery 2004-08-23 Entry 2004-11-11 hafiye < 1.0_1 ports/70978 http://deicide.siyahsapka.org/hafiye_esc.txt http://www.enderunix.org/hafiye/

VuXML ID

Description

027380b7-3404-11d9-ac1b-000d614f7fad

hafiye -- lack of terminal escape sequence filtering

A siyahsapka.org advisory reads:

Hafiye-1.0 doesnt filter the payload when printing it to the terminal. A malicious attacker can send packets with escape sequence payloads to exploit this vulnerability.

If Hafiye has been started with -n packet count option , the vulnerability could allow remote code execution. For remote code execution the victim must press Enter after program exit.

Note that it appears that this bug can only be exploited in conjunction with a terminal emulator that honors the appropriate escape sequences.

Discovery 2004-08-23
Entry 2004-11-11
hafiye

< 1.0_1

ports/70978
http://deicide.siyahsapka.org/hafiye_esc.txt
http://www.enderunix.org/hafiye/