Message-Id: <20140707181454.F372F1A41139@me.com>
Date: Mon,  7 Jul 2014 14:14:54 -0400 (EDT)
From: larry0@...com (Larry W. Cashdollar)
To: <oss-security@...ts.openwall.com>
Subject: Vulnerability Report for Ruby Gem lynx-0.2.0

Title: Vulnerability Report for Ruby Gem lynx-0.2.0

Author: Larry W. Cashdollar, @_larry0

Date: 06/01/2014

OSVDB: 108579

CVE: Please Assign

Download: http://rubygems.org/gems/lynx

Gem Author: pan.thomakos@...il.com

From: ./lynx-0.2.0/lib/lynx/pipe/get.rb

Doesn't properly sanitize user input before sending it to the command line:

From: lynx/blob/master/lib/lynx/pipe/run.rb
module Lynx
  module Pipe
    class Run < Basic
      def perform(command)
        system(command.to_s)
      end
    end
  end
end

Exposes password to the process table
From: lynx/blob/master/lib/lynx/command/basic.rb

@command << "--password=#{config.password}" if config.password

  module Pipe
      def perform(command)
        `#{command}`.strip
      end
    end
  end


Advisory: http://www.vapid.dhs.org/advisories/lynx-0.2.0.html
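The two problems reported above (a shell-interpolated command string, and a `--password=` flag on the command line) share one remedy: hand the child process an argv array, and move the secret out of argv. The following is an added example, not code from the lynx gem or from the report. It uses a constructed stand-in child (a Ruby one-liner that prints its own argv) instead of a real external tool, and the environment variable name `TOOL_PASSWORD` is an assumption.

```ruby
require 'open3'
require 'rbconfig'
require 'shellwords'

# Constructed stand-in for the external program the gem drives: a Ruby child that
# reports the argv it received and whether a secret arrived via the environment.
# The "--" stops Ruby's own option parsing so every later token lands in ARGV.
# It never prints the secret itself.
CHILD = [RbConfig.ruby, '-e', 'puts ARGV.inspect; puts ENV.key?("TOOL_PASSWORD")', '--'].freeze

# Vulnerable shape, mirroring Run#perform and basic.rb above: one interpolated
# string goes to /bin/sh, so metacharacters in `hostname` become shell syntax,
# and the password sits in argv, where `ps` shows it to every local user.
def run_via_shell(hostname, password)
  cmd = "#{Shellwords.join(CHILD)} --password=#{password} --host=#{hostname}"
  `#{cmd}`.lines.map(&:chomp)
end

# Hardened shape: the argv-array form of Open3.capture2 (same contract as
# Process.spawn) executes the program directly with no shell, so each element is
# exactly one argument, and the secret travels in the child's environment rather
# than on its command line. TOOL_PASSWORD is an assumed variable name.
def run_direct(hostname, password)
  out, _status = Open3.capture2({ 'TOOL_PASSWORD' => password }, *CHILD, "--host=#{hostname}")
  out.lines.map(&:chomp)
end

# Review helper: flag an argv that would expose a credential in the process table.
def exposes_secret_in_argv?(argv)
  argv.any? { |a| a.match?(/\A--(password|passwd|pass)=/) }
end

if __FILE__ == $PROGRAM_NAME
  tainted = 'x; echo INJECTED' # constructed hostname carrying a shell metacharacter
  puts "shell string: #{run_via_shell(tainted, 'hunter2').inspect}"
  puts "argv array:   #{run_direct(tainted, 'hunter2').inspect}"
end
```

With the tainted hostname, the shell-string version runs the extra `echo` and the child sees `--password=hunter2` in its argv; the argv-array version passes `--host=x; echo INJECTED` to the child as one literal argument and the child finds the secret only in its environment. On Linux `/proc/<pid>/cmdline` is world-readable while `/proc/<pid>/environ` is limited to the same uid and root, so the environment is the smaller exposure; feeding the secret over stdin or from a 0600 config file is better still.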
