Bugtraq mailing list archives

Re: [rootshell.com] Xterm DoS Attack

From: walt () ARMOUR CX (Walt)
Date: Thu, 1 Jun 2000 21:24:09 -0700


On Thu, 1 Jun 2000, Kit Knox wrote:

/*
 *
 * xterm Denial of Service Attack
 * (C) 2000 Kit Knox <kit () rootshell com> - 5/31/2000
 *
 * Tested against: xterm (XFree86 3.3.3.1b(88b)  -- crashes
 *                 rxvt v2.6.1 -- consumes all available memory and then
 *                                crashes.
 *
 * Not vulnerable: KDE konsole 0.9.11
 *                 Secure CRT 3.0.x
 *


Confirmed also against Eterm 0.8.10.

In fact, it took X all the way down (XFree86 4.0).

walt

Current thread:

Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- [rootshell.com] Xterm DoS Attack Kit Knox (Jun 01)
  - Re: [rootshell.com] Xterm DoS Attack Michael Jennings (Jun 01)
  - Re: [rootshell.com] Xterm DoS Attack Walt (Jun 01)
    - Re: [rootshell.com] Xterm DoS Attack Soeren Staun-Pedersen (Jun 02)
    - Insecure encryption in PassWD v1.2 Daniel Roethlisberger (Jun 03)
    - Re: [rootshell.com] Xterm DoS Attack Wakko Ellington Warner-Warner III (Jun 04)
    - Linux-Mandrake Xlockmore security update Chmouel Boudjnah (Jun 04)
    - Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
  - Re: [rootshell.com] Xterm DoS Attack Darren Reed (Jun 02)
    - Re: [rootshell.com] Xterm DoS Attack gavina () CSIS GVSU EDU (Jun 02)
    - [Debian] Majordomo will be removed Aleph One (Jun 03)
  - /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Paulo Ribeiro (Jun 02)
    - Re: /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) Christopher Schulte (Jun 04)

(Thread continues...)