
List:       oss-security
Subject:    Re: [oss-security] Directory traversal in sharutils/uudecode and python uu module
From:       Alan Coopersmith <alan.coopersmith () oracle ! com>
Date:       2023-01-24 23:09:08
Message-ID: 08abeba7-4ea5-a8d0-9146-14ecb5acf181 () oracle ! com

On 12/21/22 10:42, Hanno Böck wrote:
> If one can convince someone with root privileges to decode such a file
> this may thus compromise a system.

Fortunately, the easiest exploit path was mostly removed decades ago:
https://exchange.xforce.ibmcloud.com/vulnerabilities/126

> I got a reply confirming the report from the sharutils developers,
> pointing out that this can be interpreted as expected behavior
> according to the posix standard. I don't expect a fix any time soon,
> their latest release is from 2015.

I started a discussion on the Austin Group mailing list to see if the
standard should be updated, but the argument has mostly leaned towards
"users should either use -o to specify output or look at files before
uudecoding them" (along with suggestions to drop these utilities from
the standard now in favor of base64 encoding utilities).

-- 
         -Alan Coopersmith-                 alan.coopersmith@oracle.com
          Oracle Solaris Engineering - https://blogs.oracle.com/solaris
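The "look at files before uudecoding them" advice from the thread, turned into a decoder that does the looking for you. This is an added example for this page, not code from sharutils, from CPython's uu module, or from either poster; it inspects the filename in the "begin" header and refuses anything that is not a plain basename, and writes only into a directory the caller chooses. The uuencode helper and all sample input are constructed for the demo.

```python
"""Safe uudecode (added example, not sharutils/CPython code): refuse header names that could escape the output dir."""
import binascii
import os
import re

# 'begin <octal mode> <name>'; the mode is parsed but never applied to the output
HEADER_RE = re.compile(rb"^begin\s+([0-7]{3,4})\s+(.+?)\s*$")

def safe_uu_name(raw: bytes):
    """Return the header name as str if it is a plain basename, else None."""
    name = raw.decode("utf-8", "surrogateescape")
    if (not name or name in (".", "..") or "\0" in name
            or "/" in name or "\\" in name or os.path.isabs(name)):
        return None  # absolute, traversal ('..') or nested path: refuse it
    return name

def safe_uudecode(data: bytes):
    """Parse a uuencoded buffer; return (basename, payload) or raise ValueError."""
    lines = data.splitlines()
    match = HEADER_RE.match(lines[0]) if lines else None
    if not match:
        raise ValueError("missing 'begin' header")
    name = safe_uu_name(match.group(2))
    if name is None:
        raise ValueError("unsafe filename in header: %r" % match.group(2))
    payload = bytearray()
    for line in lines[1:]:
        if line == b"end":
            break
        if not line or line[0] in b"` ":  # zero-length data line, skip
            continue
        payload += binascii.a2b_uu(line)  # binascii.Error is a ValueError
    else:
        raise ValueError("missing 'end' trailer")
    return name, bytes(payload)

def uudecode_to_dir(data: bytes, out_dir: str) -> str:
    """Write the decoded file under the vetted basename; 'x' never clobbers."""
    name, payload = safe_uudecode(data)
    dest = os.path.join(out_dir, name)
    with open(dest, "xb") as fh:
        fh.write(payload)
    return dest

def uuencode(name: str, payload: bytes, mode: int = 0o644) -> bytes:
    """Minimal encoder, used only to construct sample input (constructed data)."""
    out = [b"begin %o %s" % (mode, name.encode())]
    for i in range(0, len(payload), 45):
        out.append(binascii.b2a_uu(payload[i:i + 45]).rstrip(b"\n"))
    return b"\n".join(out + [b"`", b"end", b""])
```

Unlike plain `uudecode`, `uudecode_to_dir` never creates a file outside `out_dir` and never overwrites an existing one, so a header naming `../something` is an error rather than a write.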
