MDKSA-2003:040

Package name

Eterm

Date

2003-04-01

Advisory ID

MDKSA-2003:040

Affected versions

9.0 i586

Problem description

Digital Defense Inc. released a paper detailing insecurities in various terminal emulators, including Eterm. Many of the features supported by these programs can be abused when untrusted data is displayed on the screen. This abuse can be anything from garbage data being displayed to the screen or a system compromise. These issues are corrected in Eterm 0.9.2, which is already included in Mandrake Linux 9.1.

Updated packages

9.0 i586

 c0581145c8105bcbc734f547f4a86275  9.0/RPMS/libast1-0.5-1.1mdk.i586.rpm
d855d276f9d70c038a5994a78876fee5  9.0/RPMS/libast1-devel-0.5-1.1mdk.i586.rpm
a751b7970af94a7cba3fd5ed5eb71e72  9.0/RPMS/Eterm-0.9.2-2.1mdk.i586.rpm
c652ca438722b31c53a590a502c3f03c  9.0/RPMS/Eterm-devel-0.9.2-2.1mdk.i586.rpm
a0a0f9b21f7bd64e26a51dfc7a267c3f  9.0/SRPMS/libast-0.5-1.1mdk.src.rpm
90ae935151ce81306fb671e1aafa0a58  9.0/SRPMS/Eterm-0.9.2-2.1mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0021
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0068
• http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2