Date: Wed, 8 Nov 2017 20:46:52 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: Back in Time: CVE-2017-16667: shell injection in notify-send

Hi

MITRE has assigned CVE-2017-16667 for the following issue in Back in
Time, "a simple backup tool for Linux". backintime is prone to a shell
injection vulnerability via notify-send.

Back in Time did improper escaping/quoting of file paths used as
arguments to the 'notify-send' command, leading to some parts of file
paths being executed as shell commands.

An attacker could take advantage of this flaw by crafting an
unreadable file with a specific name to run arbitrary shell commands.

Upstream report: https://github.com/bit-team/backintime/issues/834
Fixed by: https://github.com/bit-team/backintime/commit/cef81d0da93ff601252607df3db1a48f7f6f01b3

Regards,
Salvatore
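An added example, not part of the message above or of the backintime code base: the two shapes of a notify-send call, the shell-string shape behind this class of bug and the argv-list shape that fixes it. The notification text and the sample path are constructed for the demonstration; a small Python child stands in for the real notify-send so it runs offline.

```python
"""Shell-string vs argv-list invocation of notify-send (added example)."""
import shlex
import subprocess
import sys

# Constructed sample: a file name containing shell metacharacters. Handed to
# /bin/sh unquoted, the $(...) part would be expanded as a command.
SAMPLE_PATH = "/home/user/backup/report $(date).txt"
MESSAGE_PREFIX = "Can not read "  # hypothetical notification text


def naive_shell_string(path: str) -> str:
    """The vulnerable shape: the path is interpolated into one shell string."""
    return "notify-send 'Back In Time' %s%s" % (MESSAGE_PREFIX, path)


def quoted_shell_string(path: str) -> str:
    """If a shell string is unavoidable, quote every untrusted argument."""
    return "notify-send 'Back In Time' %s" % shlex.quote(MESSAGE_PREFIX + path)


def safe_argv(path: str) -> list:
    """The fixed shape: an argv list. No shell runs, so nothing is expanded."""
    return ["notify-send", "Back In Time", MESSAGE_PREFIX + path]


def shell_tokens(command_line: str) -> list:
    """Model how a POSIX shell would tokenise the string (quotes honoured)."""
    return shlex.split(command_line)


def message_seen_by_child(path: str) -> str:
    """Execute the argv form with a Python child in place of notify-send and
    return the message argument exactly as the child received it."""
    stand_in = [sys.executable, "-c", "import sys; print(sys.argv[2])"]
    result = subprocess.run(stand_in + safe_argv(path)[1:],
                            capture_output=True, text=True, check=True)
    return result.stdout.rstrip("\n")


if __name__ == "__main__":
    print("naive tokens :", shell_tokens(naive_shell_string(SAMPLE_PATH)))
    print("quoted tokens:", shell_tokens(quoted_shell_string(SAMPLE_PATH)))
    print("argv child   :", message_seen_by_child(SAMPLE_PATH))
```

The naive string splits the path into several words and leaves `$(date)` for the shell to expand; the quoted string and the argv list both deliver the path as one literal argument.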
