Vulnerabilities > Eternal Terminal Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2023-23558 | Link Following vulnerability in Eternal Terminal Project Eternal Terminal 6.2.1 In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. | 6.3 |
| 2023-01-13 | CVE-2022-48257 | Incorrect Permission Assignment for Critical Resource vulnerability in Eternal Terminal Project Eternal Terminal 6.2.1 In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. | 5.3 |
| 2023-01-13 | CVE-2022-48258 | Unspecified vulnerability in Eternal Terminal Project Eternal Terminal 6.2.1 In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles. | 5.3 |
| 2022-08-16 | CVE-2022-24949 | Classic Buffer Overflow vulnerability in Eternal Terminal Project Eternal Terminal A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. | 7.5 |
| 2022-08-16 | CVE-2022-24950 | Race Condition vulnerability in Eternal Terminal Project Eternal Terminal A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. | 7.5 |
| 2022-08-16 | CVE-2022-24951 | Race Condition vulnerability in Eternal Terminal Project Eternal Terminal A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to connect in the future. | 7.0 |
| 2022-08-16 | CVE-2022-24952 | Improper Input Validation vulnerability in Eternal Terminal Project Eternal Terminal Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket. | 6.5 |