FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

hafiye -- lack of terminal escape sequence filtering

Affected packages
hafiye < 1.0_1

Details

VuXML ID 027380b7-3404-11d9-ac1b-000d614f7fad
Discovery 2004-08-23
Entry 2004-11-11

A siyahsapka.org advisory reads:

Hafiye-1.0 doesnt filter the payload when printing it to the terminal. A malicious attacker can send packets with escape sequence payloads to exploit this vulnerability.

If Hafiye has been started with -n packet count option , the vulnerability could allow remote code execution. For remote code execution the victim must press Enter after program exit.

Note that it appears that this bug can only be exploited in conjunction with a terminal emulator that honors the appropriate escape sequences.

References

FreeBSD PR ports/70978
URL http://deicide.siyahsapka.org/hafiye_esc.txt
URL http://www.enderunix.org/hafiye/