Date: Thu,  8 Oct 2015 15:11:49 -0400 (EDT)
From: cve-assign@...re.org
To: matthijs@...in.nl
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, alejandro@...ian.org, kevin@...nke.ca
Subject: Re: CVE request - perl library UI::Dialog 1.09 - shell escaping vulnerability

> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496448
> https://rt.cpan.org/Public/Bug/Display.html?id=107364

Use CVE-2008-7315.

Note that the bug-report discussion debates the question of whether this
is a vulnerability. Our feeling is that "I have a script that parses
URLs from an e-mail and uses UI::dialog to prompt me to select one.
This means that sending me a specially crafted e-mail could cause
execution of arbitrary commands" is a plausible use case and that the
current documentation at http://search.cpan.org/~kck/UI-Dialog/
doesn't exclude this use case. Also, the code analysis in 107364
suggests that some or all parts of the product were attempting to
address input containing ` characters.

--
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
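As an added illustration of the escaping problem the report describes (this is not part of MITRE's message and not UI::Dialog's own code), the Perl snippet below contrasts interpolating an untrusted string into a shell command line with single-quoting it and with list-form system(). The `dialog --msgbox` invocation and the sample string are constructed assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Quote an arbitrary string for /bin/sh. Inside single quotes the shell
# treats backticks, $(...), $VAR and backslashes literally; the only
# character that needs care is the single quote itself, which is
# written as: close quote, escaped quote, reopen quote.
sub shell_quote {
    my ($s) = @_;
    $s =~ s/'/'\\''/g;
    return "'$s'";
}

# Constructed sample of untrusted text, e.g. a "URL" extracted from an
# incoming e-mail; the backtick section is what a shell would execute.
my $untrusted = q{http://example.invalid/x`id`y};

# Pattern 1 (unsafe): interpolate into a command string handed to the
# shell. Double quotes do NOT stop backtick or $(...) expansion.
my $unsafe_cmd = qq{dialog --msgbox "$untrusted" 10 60};

# Pattern 2 (safe): quote the text before interpolating it.
my $quoted   = shell_quote($untrusted);
my $safe_cmd = "dialog --msgbox $quoted 10 60";

# Pattern 3 (preferred): list-form system() runs the program directly,
# with no shell in between, so no escaping is needed at all.
my @argv = ('dialog', '--msgbox', $untrusted, '10', '60');
# system(@argv) == 0 or die "dialog failed: $?";   # needs dialog installed

# Self-check of shell_quote: let /bin/sh echo the quoted argument back
# and confirm it arrives unchanged, backticks included.
my $echoed = `printf '%s\\n' $quoted`;
chomp $echoed;
die "shell_quote failed" unless $echoed eq $untrusted;

print "unsafe command line: $unsafe_cmd\n";
print "quoted command line: $safe_cmd\n";
print "argv form:           @argv\n";
print "round trip through /bin/sh: ok\n";
```

The round-trip check is the test a wrapper module should carry in its own suite: every byte of the caller's text must reach the child program unchanged, and the list form makes that property hold without any escaping code to get wrong.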
