List:       oss-security
Subject:    Re: [oss-security] CVE Request -- autojump: autojump profile will load random stuff from a directory
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2013-04-25 18:22:54
Message-ID: 5179747E.10207 () redhat ! com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/25/2013 10:22 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> a security flaw was found in the way autojump, a tool for faster
> filesystem navigation from the command line, used to honour content
> of custom_install directory when global and local autojump
> installations were not found, and $SHELL variable was unset or set
> to different value than bash or zsh. If an unsuspecting autojump
> user was tricked into running autojump script from the directory a
> local attacker has write access to, this flaw could be used for
> arbitrary (Python) code execution with the privileges of the user 
> running the autojump binary / script.
> 
> Relevant (final) upstream patches are as follows:
> [1] https://github.com/joelthelion/autojump/commit/ad09ee27d402be797b3456abff6edeb4291edfec
> [2] https://github.com/joelthelion/autojump/commit/c763b2afadb188ab52849c21d43d2e8fe5b8800a
> 
> References: [3] https://bugzilla.redhat.com/show_bug.cgi?id=950777
> 
> Credit: This issue was found and reported to Red Hat Bugzilla [3]
> by Zbigniew Jędrzejewski-Szmek. Thanks also goes to Jan Pokorny for
> bringing this one to my attention, and to William Ting of autojump
> upstream for promptly fixing the issue.
> 
> Could you allocate a CVE identifier for this?
> 
> Thank you && Regards, Jan.
> -- 
> Jan iankko Lieskovsky / Red Hat Security Response Team
> 

Please use CVE-2013-2012 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
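The flaw described in the thread is a general one: a program falls back to loading code from a directory (here the relative `custom_install` path) that a local user other than the one running the tool may be able to write to. The following is an added illustration, not autojump's own code or its actual fix, of the check a defender would want in such a fallback: accept a code directory only when it is an absolute path to a real directory, owned by the invoking user or root, and not group- or world-writable. It assumes a POSIX system (`os.getuid`, Unix permission bits) and uses constructed temporary directories as sample input.

```python
"""
Illustration (not autojump's own code): choose a directory to load code from
only if an untrusted local user cannot have planted files in it.
Assumes a POSIX system (os.getuid, Unix permission bits).
"""
import os
import stat
import tempfile
from typing import Iterable, Optional


def is_trusted_dir(path: str) -> bool:
    """True only if `path` is an absolute path to a real directory (not a
    symlink) owned by the current user or root and writable by nobody else."""
    if not os.path.isabs(path):
        # A relative name resolves against the current working directory,
        # which is wherever the user happened to cd into before running us.
        return False
    try:
        st = os.lstat(path)          # lstat: a symlink is not followed
    except OSError:
        return False
    if not stat.S_ISDIR(st.st_mode):
        return False
    if st.st_uid not in (0, os.getuid()):
        return False
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return False
    return True


def resolve_install_dir(candidates: Iterable[str]) -> Optional[str]:
    """Return the first candidate that passes is_trusted_dir, else None.
    None means 'refuse to run', not 'fall back to the working directory'."""
    for candidate in candidates:
        if is_trusted_dir(candidate):
            return candidate
    return None


def demo() -> dict:
    """Build constructed directories and report how each candidate fares."""
    results = {}
    base = tempfile.mkdtemp()                      # 0o700, owned by us
    good = os.path.join(base, "global_install")
    os.mkdir(good, 0o755)                          # owner-writable only
    loose = os.path.join(base, "custom_install")
    os.mkdir(loose)
    os.chmod(loose, 0o777)                         # anyone may drop files here
    link = os.path.join(base, "link_to_good")
    os.symlink(good, link)

    results["good"] = is_trusted_dir(good)                           # True
    results["world_writable"] = is_trusted_dir(loose)                # False
    results["relative"] = is_trusted_dir("custom_install")           # False
    results["missing"] = is_trusted_dir(os.path.join(base, "nope"))  # False
    results["symlink"] = is_trusted_dir(link)                        # False
    # Search order mirrors "global, then local, then custom": the loose
    # directory exists but is skipped, and the trusted one is chosen.
    chosen = resolve_install_dir([os.path.join(base, "nope"), loose, good])
    results["chosen_is_good"] = chosen == good                       # True
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of `resolve_install_dir` returning `None` rather than a last-resort relative path is that a missing installation should make the tool stop, not widen the set of directories it is willing to execute code from.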