Bug 613110 - (CVE-2010-2713) CVE-2010-2713 vte: responds to get window title escape sequence request
CVE-2010-2713 vte: responds to get window title escape sequence request
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
public=20100715,reported=20100708,sou...
: Security
Depends On: 615045 615046
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-09 14:18 EDT by Vincent Danen
Modified: 2015-10-15 17:13 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-06-14 13:23:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
proposed patch to fix the issue (1.83 KB, patch)
2010-07-09 14:19 EDT, Vincent Danen
no flags Details | Diff

  None (edit)
Description Vincent Danen 2010-07-09 14:18:18 EDT
It was reported to Ubuntu that vte regressed the fix for CVE-2003-0070 in the following upstream commit:

http://git.gnome.org/browse/vte/commit/?id=58bc3a942f198a1a8788553ca72c19d7c1702b74

This would allow for an information disclosure of the window title of the gnome-terminal.

This issue does not affect Red Hat Enterprise Linux 5 or earlier, which still replace the contents of the window title with "LTerminal", rather than "l[contents of terminal window]"; as demonstrated with:

$ echo -e "\e[21t"
Comment 1 Vincent Danen 2010-07-09 14:19:28 EDT
Created attachment 430733 [details]
proposed patch to fix the issue
Comment 3 Vincent Danen 2010-07-14 11:20:56 EDT
This has been assigned the name CVE-2010-2713.
Comment 9 Vincent Danen 2010-07-15 16:16:19 EDT
Created vte tracking bugs for this issue

Affects: fedora-all [bug 615046]
Comment 10 Vincent Danen 2011-06-14 13:23:01 EDT
This was fixed upstream in 0.19.4; currently Fedora has 0.24.1-1.fc13, 0.26.1-1.fc14, and 0.28.0-1.fc15. This has been fixed.

Note You need to log in before you can comment on or make changes to this bug.