oss-sec mailing list archives

CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution

From: Murray McAllister <mmcallis () redhat com>
Date: Mon, 17 Mar 2014 17:21:33 +1100

Good morning,

Adrian Panasiuk discovered that the KDirStat (KDE Directory Statistics)tool did not correctly escape quotes when deleting a directorypermanently. Attempting to use KDirStat to permanently delete adirectory that has a malicious name could result in arbitrary commandexecution.


Original report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741659

The Debian report is about single quotes. On Fedora(https://bugzilla.redhat.com/show_bug.cgi?id=1077059) double quotes wereneeded.

Can a CVE please be assigned if one has not been already? (And maybe itshould be escaping ';' too if not already?)


Thanks,

--
Murray McAllister / Red Hat Security Response Team

Current thread:

CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution Murray McAllister (Mar 16)
- Re: CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution cve-assign (Mar 18)