Date: Fri, 17 Aug 2012 15:54:09 +0100 From: Giles Coochey <giles@...chey.net> To: Julius KivimÃ¤ki <julius.kivimaki@...il.com> CC: research <research@...ctionis.co.uk>, vuln@...urity.nnov.ru, vuln <vuln@...unia.com>, news@...uriteam.com, secalert@...urityreason.com, submit@...ecurity.com, bugs@...uritytracker.com, full-disclosure <full-disclosure@...ts.grok.org.uk>, bugtraq <bugtraq@...urityfocus.com>, submissions@...ketstormsecurity.org, oss-security@...ts.openwall.com, moderators@...db.org Subject: Re: [Full-disclosure] GIMP Scriptfu Python Remote Command Execution On 17/08/2012 11:26, Julius Kivimäki wrote: > Where exactly is the vulnerability here? I am unable to see it myself, > it appears that you are using an eval function to evaluate code which > isn't exactly a security issue. > The vulnerability appears to lie that this script-fu server just opens a TCP port, un-authenticated and un-encrypted and allows execution to run in the context of the server. As mentioned, the GIMP Dev team say it is a feature that wasn't designed with security in mind, so if you were to use it, you would be advised to wrap it. -- Regards, Giles Coochey, CCNA, CCNAS NetSecSpec Ltd +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk giles@...chey.net [ CONTENT OF TYPE application/pkcs7-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ