lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: lists at onryou.com (Cael Abal) Subject: Re: Gaim festival plugin exploit > > DUH... would help if I attached my attachment. > > I am right proud of myself for this, and it also needs mention to > address the security issue that our friend Error (is that a reference to > Zelda 2?) raised. > > Attached, find the latest reissue of the Gaim festival plugin. The guy > that wrote it, wrote it for pre-0.68 Perl API, but it was secure against > the sort of attack that Error described. I have since taken it and > recoded it to work with post-0.68 versions of Gaim. It is attached. By > all means, if you see an exploitable bug in there, let me know! I'm > just a perl-tot.. Hi Brian, This updated version is still vulnerable. You should be *very* wary of any call to system() or fork(). Consider this input: "This is only a test && rm -rf /" Notice that ';' isn't the only way to inject into a commandline. Cheers, Cael
Powered by blists - more mailing lists