CVE-2000-0476

xterm, Eterm, and rxvt - Denial of Service via Escape Character Handling


Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0476. PoCs published by Kit Knox.

AI-analyzed exploit summary: This exploit sends a maliciously crafted HTTP GET request containing VT control characters to resize an xterm window, causing a denial of service (crash or memory exhaustion). It targets xterm and derived terminal emulators by injecting escape sequences into logs or other displayed content.

Description

xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.

Exploits (1)

exploitdb · Working PoC · Verified
by Kit Knox · c · dos · multiple
https://www.exploit-db.com/exploits/19984

Classification: Working PoC (100%)
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: xterm (XFree86 3.3.3.1b), rxvt v2.6.1
No auth needed
Prerequisites: Network access to a vulnerable xterm session displaying attacker-controlled content (e.g., logs, filenames)
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit, Patch, Vendor Advisory (vdb-entry)
http://www.securityfocus.com/bid/1298

Scores

EPSS: 0.0253
EPSS Percentile: 82.9%

Details

Status: published
Products (5)
michael_jennings/eterm 0.8.10
putty/putty 0.48
rxvt/rxvt 2.6.1
xfree86_project/x11r6 3.3.3
xfree86_project/x11r6 4.0
Published: Jun 01, 2000
Tracked Since: Feb 18, 2026