Virtualbox GKSu root command injection in ext-pack

2014-07-08 / 2014-07-09
Credit: Brandon
Risk: High
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

A while back I noticed some funny behavior that I thought was in virtual box at first, but it turn sour the reason I can do this is because of GKSu. I felt like the ramifications were fairly large, and contacting the (supposed?) maintainer of GKSu didn't work. https://community.rapid7.com/community/metasploit/blog/2014/07/07/virtualbox-filename-command-execution-via-gksu The timeline is included, but what is funny is about the same time I noticed the behavior, someone opened a ticket eluding to this very thing, but they didn't quite make the connection (bug linked in the blog post). The reason I sat on it for so long was because I thought it was in Virtualbox, and really had no time to dig into why it was happening, I just knew it happened. Once I dug in, I realized it was GKSu that was actually what was causing me to execute the commands because it wasn't sanitizing its input. -- http://volatile-minds.blogspot.com -- blog

References:

http://seclists.org/fulldisclosure/2014/Jul/32


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top