PT-2002-2620 · Apple · Terminal

CVE-2002-1898

·

Published

2002-12-31

·

Updated

2024-02-02

CVSS v2.0

7.2

High

VectorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Terminal versions 1.3
Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a "telnet://" link, which is executed by Terminal.app window. This can lead to unauthorized access and execution of malicious commands.
Recommendations For Terminal version 1.3, consider disabling the execution of telnet links in Terminal.app until a patch is available. Restrict access to the Terminal.app to minimize the risk of exploitation. Avoid using the telnet protocol in the affected Terminal version until the issue is resolved.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2002-1898

Affected Products

Terminal