CVE-2021-33477

Name
CVE-2021-33477
Description
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.
NVD Severity
high

References

Type URI
MISC https://git.enlightenment.org/apps/eterm.git/log/
MISC https://www.openwall.com/lists/oss-security/2017/05/01/20
MISC https://sourceforge.net/projects/rxvt/files/rxvt-dev/
MISC http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583
MISC https://www.openwall.com/lists/oss-security/2021/05/17/1
MISC https://packetstormsecurity.com/files/162621/rxvt-2.7.0-rxvt-unicode-9.22-Code-Execution.html
MISC https://sourceforge.net/projects/materm/files/mrxvt%20source/
MISC http://cvs.schmorp.de/rxvt-unicode/Changes?view=log
GENTOO https://security.gentoo.org/glsa/202105-17
MLIST https://lists.debian.org/debian-lts-announce/2021/05/msg00026.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZWGE2RJONBEHSPCBUAW72NTRTIFKZAX/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RFMU5YXXNYYVA7G2DAHRXXHO6JKVFUT/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLPVEPBH37EBR4R54RMC6GD33J37HJXD/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXAKO6N6NKTR6Z6KVAPEXSZQMRU52SGA/
MLIST https://lists.debian.org/debian-lts-announce/2021/06/msg00010.html
MLIST https://lists.debian.org/debian-lts-announce/2021/06/msg00011.html
MLIST https://lists.debian.org/debian-lts-announce/2021/06/msg00012.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO52OLNOOKOCZSJCN3R7Q25XA32BWNWP/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DUV4LDVZVW7KCGPAMFZD4ZJ4FVLPOX4C/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:eterm_project:eterm:0.9.7:*:*:*:*:*:*:* eterm == None == 0.9.7
cpe:2.3:a:mrxvt_project:mrxvt:0.5.4:*:*:*:*:*:*:* mrxvt == None == 0.5.4
cpe:2.3:a:rxvt-unicode_project:rxvt-unicode:9.22:*:*:*:*:*:*:* rxvt-unicode == None == 9.22
cpe:2.3:a:rxvt_project:rxvt:2.7.10:*:*:*:*:*:*:* rxvt == None == 2.7.10

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
rxvt-unicode edge-community 9.26-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> fixed
rxvt-unicode 3.22-community 9.26-r0 None fixed
rxvt-unicode 3.21-community 9.26-r0 None fixed
rxvt-unicode 3.20-community 9.26-r0 None fixed
rxvt-unicode 3.19-community 9.26-r0 None fixed
rxvt-unicode 3.18-community 9.26-r0 None fixed
rxvt-unicode 3.17-community 9.26-r0 None fixed
rxvt-unicode 3.11-main 9.22-r8 Sören Tempel <soeren+alpine@soeren-tempel.net> fixed
rxvt-unicode 3.10-main 9.22-r7 Sören Tempel <soeren+alpine@soeren-tempel.net> fixed
mrxvt edge-community 0.5.4-r13 None fixed
mrxvt edge-community 0.5.4-r12 Celeste <cielesti@protonmail.com> fixed
mrxvt edge-community 0.5.4-r11 Mark Constable <markc@renta.net> fixed
mrxvt edge-community 0.5.4-r10 Mark Constable <markc@renta.net> fixed
mrxvt edge-community 0.5.4-r9 Mark Constable <markc@renta.net> fixed
mrxvt 3.23-community 0.5.4-r12 Celeste <cielesti@protonmail.com> fixed
mrxvt 3.22-community 0.5.4-r12 Celeste <cielesti@protonmail.com> fixed
mrxvt 3.22-community 0.5.4-r11 Mark Constable <markc@renta.net> fixed
mrxvt 3.22-community 0.5.4-r9 None fixed
mrxvt 3.21-community 0.5.4-r9 None fixed
mrxvt 3.20-community 0.5.4-r11 Mark Constable <markc@renta.net> fixed
mrxvt 3.20-community 0.5.4-r9 None fixed
mrxvt 3.19-community 0.5.4-r10 Mark Constable <markc@renta.net> fixed
mrxvt 3.19-community 0.5.4-r9 None fixed
mrxvt 3.18-community 0.5.4-r10 Mark Constable <markc@renta.net> fixed
mrxvt 3.18-community 0.5.4-r9 None fixed
mrxvt 3.17-community 0.5.4-r10 Mark Constable <markc@renta.net> fixed
mrxvt 3.17-community 0.5.4-r9 None fixed
mrxvt 3.11-main 0.5.4-r8 Mark Constable <markc@renta.net> fixed
mrxvt 3.10-main 0.5.4-r8 Mark Constable <markc@renta.net> fixed