Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Martin Schulze
Moritz Muehlenhoff wrote:
> Martin Schulze wrote:
> > > > Due to a bug in the environment variable substitution code it is
> > > > possible to inject environment variables such as LD_PRELOAD and gain a
> > > > root shell.
> > >
> > > Confirmed.
> > >
> > > Joey we'll need an ID for it.
> > >

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Moritz Muehlenhoff
Martin Schulze wrote:
> > > Due to a bug in the environment variable substitution code it is
> > > possible to inject environment variables such as LD_PRELOAD and gain a
> > > root shell.
> >
> > Confirmed.
> >
> > Joey we'll need an ID for it.
>
> Please use CVE-2005-3344 and inform vendor-

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Martin Schulze
Steve Kemp wrote:
> > Due to a bug in the environment variable substitution code it is
> > possible to inject environment variables such as LD_PRELOAD and gain a
> > root shell.

Charles Stevenson discovered that osh, the operator's shell for executing defined programs in a privileged environment,

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Martin Schulze
Steve Kemp wrote:
> On Wed, Nov 09, 2005 at 04:42:08AM -0800, Charles Stevenson wrote:
>
> > Due to a bug in the environment variable substitution code it is
> > possible to inject environment variables such as LD_PRELOAD and gain a
> > root shell.
>
> Confirmed.
>
> Joey we'll need an ID fo

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Steve Kemp
On Wed, Nov 09, 2005 at 04:42:08AM -0800, Charles Stevenson wrote:
> Due to a bug in the environment variable substitution code it is
> possible to inject environment variables such as LD_PRELOAD and gain a
> root shell.

Confirmed.

Joey we'll need an ID for it.

I guess we need to use tw

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Oohara Yuuma
patch attached -- Oohara Yuuma <[EMAIL PROTECTED]> Lord, what fools these mortals be! --- William Shakespeare, "A Midsummer-Night's Dream" diff -u -rN osh-1.7-unmodified/debian/changelog osh-1.7/debian/changelog --- osh-1.7-unmodified/debian/changelog 2005-11-09 23:34:25.0 +0900 +++ osh-

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Charles Stevenson
Package: osh
Version: 1.7-14
Severity: critical
Tags: security
Justification: root security hole

Due to a bug in the environment variable substitution code it is possible to inject environment variables such as LD_PRELOAD and gain a root shell.

Fully-functional local root exploit here: http://p