Date: Thu,  8 Oct 2015 15:11:49 -0400 (EDT)
From: cve-assign@...re.org
To: matthijs@...in.nl
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, alejandro@...ian.org, kevin@...nke.ca
Subject: Re: CVE request - perl library UI::Dialog 1.09 - shell escaping vulnerability


> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496448
> https://rt.cpan.org/Public/Bug/Display.html?id=107364

Use CVE-2008-7315.

Note that the bug-report discussion debates the question of whether this
is a vulnerability. Our feeling is that "I have a script that parses
URLs from an e-mail and uses UI::dialog to prompt me to select one.
This means that sending me a specially crafted e-mail could cause
execution of arbitrary commands" is a plausible use case and that the
current documentation at http://search.cpan.org/~kck/UI-Dialog/
doesn't exclude this use case. Also, the code analysis in 107364
suggests that some or all parts of the product were attempting to
address input containing ` characters.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
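As an added illustration (not code from UI::Dialog, the bug report, or the CVE team), the "pick one of the URLs found in an e-mail" script from the discussion above, written so that e-mail-derived text never passes through /bin/sh; it assumes dialog(1) is installed and the sample URLs are constructed.

```perl
#!/usr/bin/perl
# Added example, not UI::Dialog's own code: prompt the user to select one
# URL extracted from an e-mail without assembling a shell command string.
use strict;
use warnings;

# Constructed sample input: the second entry carries the kind of shell
# metacharacters a shell-escaping bug would let through.
my @urls = (
    'http://example.com/index.html',
    'http://example.com/`id`;$(id)|id',
);

# Build the argument vector for dialog(1)'s --menu widget: each entry
# becomes a tag/item pair. Because no command string is ever built,
# backticks, $(...), ';' and '|' remain ordinary characters in argv.
sub menu_argv {
    my @items = @_;
    my @argv = ('dialog', '--stdout', '--menu', 'Select a URL',
                20, 76, scalar @items);
    my $tag = 1;
    push @argv, $tag++, $_ for @items;
    return @argv;
}

# Run dialog through the list form of open(): with more than one list
# element Perl exec()s the program directly, bypassing the shell.
# --stdout makes dialog reopen the terminal for its curses display and
# send only the chosen tag to the pipe read here.
sub choose_url {
    my @items = @_;
    open(my $out, '-|', menu_argv(@items)) or die "cannot run dialog: $!";
    my $tag = <$out>;
    close $out;
    return undef unless defined $tag;
    chomp $tag;
    return undef unless $tag =~ /^\d+$/ && $tag >= 1 && $tag <= @items;
    return $items[$tag - 1];   # the literal string, nothing executed
}

if (defined(my $picked = choose_url(@urls))) {
    print "selected: $picked\n";
}
```

Cancelling the dialog yields an empty selection, which the range check turns into undef rather than an out-of-range index.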
