CVE-2001-1561
Xvt 2.1 - Local Buffer Overflow via Long -name or -T Arguments
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-1561. PoCs published by Christophe Bailleux.
AI-analyzed exploit summary This exploit targets a buffer overflow in Xvt's '-name' argument handling, allowing arbitrary code execution with elevated privileges. The PoC uses shellcode to spawn a shell, demonstrating the vulnerability.
Description
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Christophe Bailleux · clocallinux
https://www.exploit-db.com/exploits/20986
This exploit targets a buffer overflow in Xvt's '-name' argument handling, allowing arbitrary code execution with elevated privileges. The PoC uses shellcode to spawn a shell, demonstrating the vulnerability.
Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target:
Xvt (X11R6 terminal emulator)
No auth needed
Prerequisites:
Xvt installed setuid/setgid · Access to execute Xvt
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2955
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0024.html
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2964
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/6781.php
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2001/dsa-082
Scores
EPSS
0.0120
EPSS Percentile
64.3%
Details
Status
published
Products (2)
debian/debian_linux
2.2
john_bovey/xvt
2.1
Published
Dec 31, 2001
Tracked Since
Feb 18, 2026