List: oss-security
Subject: Re: [oss-security] Directory traversal in sharutils/uudecode and python uu module
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: 2023-01-24 23:09:08
Message-ID: 08abeba7-4ea5-a8d0-9146-14ecb5acf181@oracle.com
On 12/21/22 10:42, Hanno Böck wrote:
> If one can convince someone with root privileges to decode such a file
> this may thus compromise a system.
Fortunately, the easiest exploit path was mostly removed decades ago:
https://exchange.xforce.ibmcloud.com/vulnerabilities/126
> I got a reply confirming the report from the sharutils developers,
> pointing out that this can be interpreted as expected behavior
> according to the posix standard. I don't expect a fix any time soon,
> their latest release is from 2015.
I started a discussion on the Austin Group mailing list to see if the
standard should be updated, but the argument has mostly leaned towards
"users should either use -o to specify output or look at files before
uudecoding them" (along with suggestions to drop these utilities from
the standard now in favor of base64 encoding utilities).
--
-Alan Coopersmith- alan.coopersmith@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris
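The "look at files before uudecoding them" advice above is easy to automate. The following is an added example (not code from this thread, from sharutils, or from Python's uu module) showing a pre-decode check: it reads the `begin <mode> <name>` header, refuses any name that is not a bare filename (path separators, `..`, absolute paths), and only then decodes the body with `binascii.a2b_uu` into a directory the caller chose, never clobbering an existing file. The function names, the `make_uu` sample builder, and the sample payloads are mine and are constructed for this example.

```python
"""Pre-decode check for uuencoded input: refuse header names that could
escape the destination directory, then decode with binascii directly.
Added example; not the uudecode(1) or Python uu module implementation."""
import binascii
import os
import tempfile


def is_safe_name(name: str) -> bool:
    """Accept only a bare filename: no directory components, not '.', '..'."""
    if name in ("", ".", ".."):
        return False
    if "/" in name or "\\" in name or "\x00" in name:
        return False
    return os.path.basename(name) == name


def parse_begin_line(line: str):
    """Parse 'begin <mode> <name>'; the name may itself contain spaces."""
    parts = line.rstrip("\r\n").split(" ", 2)
    if len(parts) != 3 or parts[0] != "begin":
        raise ValueError("not a uuencode begin line: %r" % line)
    return int(parts[1], 8), parts[2]


def uudecode_bytes(data: bytes):
    """Decode a uuencoded blob in memory. Returns (name, mode, payload).
    Raises ValueError before touching the body if the header name is unsafe."""
    lines = data.decode("latin-1").splitlines(keepends=True)
    i = 0
    while i < len(lines) and not lines[i].startswith("begin "):
        i += 1
    if i == len(lines):
        raise ValueError("no begin line found")
    mode, name = parse_begin_line(lines[i])
    if not is_safe_name(name):
        # This is the check uudecode(1) does not do by default.
        raise ValueError("refusing traversal-capable name in header: %r" % name)
    out = bytearray()
    for line in lines[i + 1:]:
        stripped = line.rstrip("\r\n")
        if stripped == "end":
            break
        if stripped in ("", "`"):   # '`' is the conventional zero-length line
            continue
        out += binascii.a2b_uu(stripped.encode("latin-1"))
    else:
        raise ValueError("missing end line")
    return name, mode, bytes(out)


def safe_uudecode_to_dir(data: bytes, dest_dir: str) -> str:
    """Decode into dest_dir only; 'x' mode fails instead of overwriting."""
    name, mode, payload = uudecode_bytes(data)
    path = os.path.join(dest_dir, name)
    with open(path, "xb") as f:
        f.write(payload)
    os.chmod(path, mode & 0o777)
    return path


def decodes_safely(data: bytes) -> bool:
    """True if the blob passes the header check and decodes cleanly."""
    try:
        uudecode_bytes(data)
        return True
    except (ValueError, binascii.Error):
        return False


def make_uu(name: str, payload: bytes, mode: int = 0o644) -> bytes:
    """Build a uuencoded blob (constructed sample input for this example)."""
    out = ["begin %o %s\n" % (mode, name)]
    for off in range(0, len(payload), 45):   # uuencode lines carry 45 bytes
        out.append(binascii.b2a_uu(payload[off:off + 45]).decode("ascii"))
    out.append("`\nend\n")
    return "".join(out).encode("latin-1")


if __name__ == "__main__":
    good = make_uu("hello.txt", b"hello from uuencode\n")
    evil = make_uu("../../etc/passwd", b"root::0:0::/:/bin/sh\n")
    with tempfile.TemporaryDirectory() as d:
        print("wrote", safe_uudecode_to_dir(good, d))
    for blob in (good, evil):
        header = blob.split(b"\n", 1)[0].decode()
        print(header, "->", "decode" if decodes_safely(blob) else "REJECT")
```

For the command-line tool the equivalent is simply `uudecode -o <name> <file>`, which ignores the header name entirely; the check above matters when a script or library decodes untrusted input and lets the header pick the output path.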