oss-sec mailing list archives
CVE request - perl library UI::Dialog 1.09 - shell escaping vulnerability
From: Matthijs Kooijman <matthijs () stdin nl>
Date: Thu, 8 Oct 2015 14:29:30 +0200
Hi folks,

Can you please assign a CVE for the UI::Dialog perl library? I (re)discovered a flaw that allows arbitrary command execution when the library is given untrusted strings to show in a menu prompt.

The flaw was initially reported in 2008 at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496448 but it seems this never reached upstream. I recently reported the bug upstream at https://rt.cpan.org/Public/Bug/Display.html?id=107364; see that report for some additional details. Upstream has indicated that it is working on a fix (see the upstream bug), but no patches are available yet.

Impact seems limited; I'm not aware of any well-known programs that use this library and are vulnerable (only two Debian packages depend on it, and both use a UI::Dialog backend that is unaffected).

Thanks,
Matthijs
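The shell-escaping pattern behind this report, as an added illustration that is not UI::Dialog's own code (the sample prompt text and the use of the CPAN module String::ShellQuote are assumptions): a dialog(1) menu invocation built as one shell string beside the argv-list and properly quoted forms that deliver untrusted text to the backend literally.

```perl
#!/usr/bin/perl
# Added illustration, not code from UI::Dialog: the same dialog(1) menu
# invocation built as one shell string (the fragile pattern) and as an
# argument list (which never reaches a shell), plus a safely quoted string
# for cases where a single command line is unavoidable.
use strict;
use warnings;
use String::ShellQuote qw(shell_quote);   # CPAN module, assumed installed

# Constructed sample prompt: a quote, an ampersand and a $-word are all
# legitimate text, yet all of them are meaningful to /bin/sh.
my $untrusted = q{O'Reilly & Sons - budget: $HOME};
my @items     = ('a', 'Item A', 'b', 'Item B');

# Fragile: $text is spliced into a string that /bin/sh will re-parse. The
# embedded quote closes the quoted argument early and the remainder of the
# text becomes shell syntax instead of menu text.
sub build_shell_string {
    my ($text) = @_;
    return "dialog --menu '$text' 0 0 0 " . join(' ', map { "'$_'" } @items);
}

# Hardened: keep the command as a list. system()/exec()/open() with a list
# of more than one element exec the program directly, so $text arrives as
# exactly one argv entry whatever characters it contains.
sub build_argv {
    my ($text) = @_;
    return ('dialog', '--menu', $text, 0, 0, 0, @items);
}

# Hardened, string form: when the output must be captured through a shell
# (backticks), quote every word so the shell rebuilds the list above.
sub build_quoted_string {
    my ($text) = @_;
    return shell_quote(build_argv($text));
}

# Show what a child process actually receives, using printf(1) in place of
# dialog (no terminal needed); list-form open() bypasses the shell.
sub args_seen_by_child {
    my @argv = @_;
    open(my $fh, '-|', 'printf', '%s\n', @argv[1 .. $#argv]) or die "printf: $!";
    chomp(my @lines = <$fh>);
    close $fh;
    return @lines;
}

print "fragile  : ", build_shell_string($untrusted), "\n";
print "quoted   : ", build_quoted_string($untrusted), "\n";
print "child saw: $_\n" for args_seen_by_child(build_argv($untrusted));
```

Comparing the "fragile" line with the "quoted" line shows where the single-quote in the prompt text breaks the first form; the "child saw" lines confirm that the list form hands the prompt over as one unchanged argument.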