List: kde-bugs-dist
Subject: [konsole] [Bug 392554] security: escaping from bracketed paste seems to be possible
From: Tomas Pospisek <bugzilla_noreply () kde ! org>
Date: 2018-03-31 22:00:26
Message-ID: bug-392554-17878-wor9c72GfW () http ! bugs ! kde ! org/
https://bugs.kde.org/show_bug.cgi?id=392554
--- Comment #2 from Tomas Pospisek <tpo_deb@sourcepole.ch> ---
> I can't access the first article
I was assuming wrongly, I am very sorry - here are the relevant parts from the
article:
"Unfortunately, Horn's test page
[http://thejh.net/misc/website-terminal-copy-paste] also shows how to bypass
this protection, by including the end-of-pasted-text sequence in the pasted
text itself, thus ending the bracketed mode prematurely. [...] in my tests,
Konsole fails to properly escape the second test, even with .inputrc properly
configured ['set enable-bracketed-paste on' in ~/.inputrc]" (Antoine Beaupré)
And:
"In bash, ^O causes code execution. [Such as:]
<html>$ echo Hello <span style="position: absolute; left: -100px; top:
-100px">| cowsay pwned</span> world</html>
Do you have bracket paste enabled in inputrc? My exploit doesn't defeat it,
although it could. It's a matter of adding [201~ before ." (Jakub
Wilk)
--
You are receiving this mail because:
You are watching all bug changes.
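
The premature end-of-paste problem quoted in the comment above, seen from the terminal emulator's side, as an added example that is not part of the original bug comment and not Konsole's code. The function names and the sample clipboard are constructed for illustration; the filter (drop C0 control bytes before wrapping) is one possible mitigation, assumed here rather than taken from the page.

```python
import re

PASTE_START = b"\x1b[200~"  # sent by the terminal before pasted text
PASTE_END = b"\x1b[201~"    # sent by the terminal after pasted text

# C0 controls except TAB, LF and CR, plus DEL. Dropping ESC (0x1b) means no
# escape sequence such as PASTE_END can survive; ^O (0x0f) is dropped as well.
_UNSAFE = re.compile(rb"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")

# Constructed clipboard content: text that carries its own end-of-paste marker.
SAMPLE = b"echo Hello\x1b[201~ world\x0f\n"


def find_embedded_terminators(clipboard: bytes) -> list:
    """Byte offsets at which the clipboard itself contains PASTE_END."""
    return [m.start() for m in re.finditer(re.escape(PASTE_END), clipboard)]


def naive_wrap(clipboard: bytes) -> bytes:
    """Wrap without filtering, the behaviour the quoted article describes."""
    return PASTE_START + clipboard + PASTE_END


def safe_wrap(clipboard: bytes) -> bytes:
    """Remove control bytes first, then add the paste brackets."""
    return PASTE_START + _UNSAFE.sub(b"", clipboard) + PASTE_END


def literal_region(stream: bytes) -> bytes:
    """What a bracketed-paste-aware reader treats as literal text:
    everything between PASTE_START and the first PASTE_END it sees."""
    start = stream.index(PASTE_START) + len(PASTE_START)
    return stream[start:stream.index(PASTE_END, start)]


if __name__ == "__main__":
    print("embedded terminators at:", find_embedded_terminators(SAMPLE))
    # Unfiltered: the literal region ends early, the rest is read as typed input.
    print("naive literal region:", literal_region(naive_wrap(SAMPLE)))
    # Filtered: the whole (cleaned) clipboard stays inside the brackets.
    print("safe literal region: ", literal_region(safe_wrap(SAMPLE)))
```

Removing single bytes cannot reassemble a new escape sequence, which a filter that deletes only the exact `ESC [ 201 ~` string would have to guard against.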