PT-2008-1126 · Aterm+1

Bernhard R. Link · Published 2008-04-07 · Updated 2009-02-26 · CVE-2008-1692

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Eterm version 0.9.4
aterm versions prior to 1.0.1-r1

Description

The issue allows local users to potentially hijack X11 connections under specific conditions, such as when the DISPLAY environment variable is not set and the -display option is not specified. Realistic attack scenarios require the victim to enter a command on the wrong machine. Multiple vulnerabilities in the aterm package can lead to breaches of confidentiality, integrity, and availability of protected information, with exploitation possible locally.

Recommendations

For Eterm version 0.9.4, consider setting the DISPLAY environment variable or specifying the -display option to prevent unauthorized access. For aterm versions prior to 1.0.1-r1, update to version 1.0.1-r1 or later to resolve the vulnerabilities. As a temporary workaround, consider restricting access to the terminal window to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

BDU:2015-09630
CVE-2008-1692

Affected Products

Eterm
Aterm