CVE-2008-1142: CVE-2008-1142

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-1142

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

rxvt终端X11显示任意代码执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

rxvt(ouR eXtended Virtual Terminal)是X窗口系统的终端模拟器。 rxvt如果没有指定-display选项且缺少DISPLAY环境变量的话，就会使用:0作为X11显示，本地用户劫持X11会话，通过恶意的X服务器以运行rxvt用户的权限执行任意命令。rxvt-unicode、mrxvt、aterm、multi-aterm、wterm等终端也受影响。如果要利用这个漏洞，本地用户必须在错误的机器上输入命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-1142

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-1142

Please Login to view more intelligence information

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296x_refsource_CONFIRM
http://article.gmane.org/gmane.comp.security.oss.general/122x_refsource_MISC
http://secunia.com/advisories/30224third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30227third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29576third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30225third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30229third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/28512vdb-entryx_refsource_BID
http://secunia.com/advisories/31687third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30226third-party-advisoryx_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:221vendor-advisoryx_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200805-03.xmlvendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDVSA-2008:161vendor-advisoryx_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlvendor-advisoryx_refsource_SUSE
https://nvd.nist.gov/vuln/detail/CVE-2008-1142

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-1142

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-1142

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-1142

III. Intelligence Information for CVE-2008-1142

IV. Related Vulnerabilities

V. Comments for CVE-2008-1142

Leave a comment