CVE-2002-1898
Terminal < 1.3.1 - Remote Code Execution via Telnet URL Handler
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-1898. PoCs published by Taiyo Fujii.
AI-analyzed exploit summary This exploit leverages improper handling of telnet:// URIs in Mac OS X to execute arbitrary commands via embedded shell metacharacters. Clicking a crafted link (e.g., telnet://|ls -la) triggers command execution in Terminal.app with the user's privileges.
Description
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
Exploits (1)
This exploit leverages improper handling of telnet:// URIs in Mac OS X to execute arbitrary commands via embedded shell metacharacters. Clicking a crafted link (e.g., telnet://|ls -la) triggers command execution in Terminal.app with the user's privileges.