Wednesday, January 7, 2009

Vulnerability in xterm

This is a nice headline:

"Attackers can use a vulnerability in xterm, the terminal emulator for the X Window system, to execute their commands when the user views a file with a particular escape sequence."

Source: Heise Security

xterm and I have been friends for a long time, and I was quite surprised when I saw an update in my packages list. Can anyone still doubt that application security should be our primal focus area (together with user education)?

On a related note: Yesterday and tomorrow, I'll be at the International Conference on Cyber Security (ICCS2009) in New York City. While having a heavy bias on law-enforcement, there are still some interesting talks.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.