Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 22 Aug 2016 21:54:35 +0200
From: Salvatore Bonaccorso <>
To: OSS Security Mailinglist <>
Subject: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax
 parse and multiline commands


Two shell outbreak vulnerability for lshell, a shell coded in python,
that is intended to restrict a user's environment to only a limited
sets of commands.

1/ Shell outbreak due to bad syntax parse

2/ Shell outbreak with multiline commands
   - Fix:

Could you please assign two CVEs for those lshell issues?


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.