CVE-2015-9231

HIGH

iTerm2 3.x < 3.1.1 - Unauthenticated Exposure of Sensitive Information via DNS Queries

Title source: llm
STIX 2.1

Description

iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries. A new (default) feature was added to iTerm2 version 3.0.0 (and unreleased 2.9.x versions such as 2.9.20150717) that resulted in a potential information disclosure. In an attempt to see whether the text under the cursor (or selected text) was a URL, the text would be sent as an unencrypted DNS query. This has the potential to result in passwords and other sensitive information being sent in cleartext without the user being aware.

References (8)

Core 8
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://gitlab.com/gnachman/iterm2/issues/6050
Issue Tracking, Third Party Advisory x_refsource_misc
https://gitlab.com/gnachman/iterm2/issues/5303
Third Party Advisory x_refsource_misc
https://gitlab.com/gnachman/iterm2/wikis/dnslookupissue
Issue Tracking, Third Party Advisory x_refsource_misc
https://gitlab.com/gnachman/iterm2/issues/6068
Issue Tracking, Third Party Advisory x_refsource_misc
https://gitlab.com/gnachman/iterm2/issues/3688
Issue Tracking, Third Party Advisory x_refsource_misc
https://news.ycombinator.com/item?id=15286956

Scores

CVSS v3 7.5
EPSS 0.0223
EPSS Percentile 80.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (28)
iterm2/iterm2 2.9.20151111
iterm2/iterm2 2.9.20151229
iterm2/iterm2 2.9.20160102
iterm2/iterm2 2.9.20160113
iterm2/iterm2 2.9.20160206
iterm2/iterm2 2.9.20160313
iterm2/iterm2 2.9.20160422
iterm2/iterm2 2.9.20160426
iterm2/iterm2 2.9.20160510
iterm2/iterm2 2.9.20160523
... and 18 more
Published Sep 20, 2017
Tracked Since Feb 18, 2026