oss-security - Re: update on CVE-2008-5718

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date: Wed, 28 Jan 2009 15:54:59 +0100
From: Thomas Biege <thomas@...e.de>
To: oss-security@...ts.openwall.com
Cc: coley@...re.org
Subject: Re: update on CVE-2008-5718

Hi,

On Wed, Jan 28, 2009 at 09:02:45AM -0500, Steven M. Christey wrote:
> 
> On Wed, 28 Jan 2009, Thomas Biege wrote:
> 
> > New patch attached, the old one was missing spaces.
> > Hope the blacklist is complete now...
> 
> Would a "-" character allow an argument injection attack by inserting
> dangerous command-line switches?  Things like being able to add a "-rf" as
> an argument to the rm command...

I was thinking about that case too but it might not work because we escape
the space.

> I assume there's something undesirable about quoting everything unless
> it's alphanumeric?

... I think I'll rewrite it and post it here again.
Replacing popen() is still my prefered solution....

-- 
Bye,
     Thomas
-- 
 Thomas Biege <thomas@...e.de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
-- 
           Hamming's Motto:
           The purpose of computing is insight, not numbers.
                                -- Richard W. Hamming

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.