sup MUA Command Injection

2013.10.29
Risk: High
Local: No
Remote: Yes
CWE: CWE-94


Ogólna skala CVSS: 6.8/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 8.6/10
Wymagany dostęp: Zdalny
Złożoność ataku: Średnia
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

On full-disclosure list there was reported a command injection vulnerability in 'sup', a console-based email client. [0] http://rubyforge.org/pipermail/sup-talk/2013-October/004996.html [1] http://seclists.org/fulldisclosure/2013/Oct/272 For reference quoting the upstream announce: ----cut---------cut---------cut---------cut---------cut---------cut----- Greetings, Security advisory (#SBU1) for Sup We have been notified of an potential exploit in the somewhat careless way Sup treats attachment metadata in received e-mails. The issues should now be fixed and I have released Sup 0.13.2.1 and 0.14.1.1 which incorporates these fixes. Please upgrade immediately and also ensure that your mime-decode or mime-view hooks are secure [0], [1]. This is specifically related to using quotes (',") around filename or content_type which is already escaped using Ruby Shellwords.escape - this means that the string (content_type, filename) is intended to be used _without_ any further quotes. Please make sure that if you use .mailcap (non OSX systems), you do not quote the string. Credit goes to: joernchen of Phenoelit (http://phenoelit.de) who discovered and suggested fixes for these issues. [0] https://github.com/sup-heliotrope/sup/wiki/Viewing-Attachments [1] https://github.com/sup-heliotrope/sup/wiki/Secure-usage-of-Sup You can use 'gem' to upgrade or install sup. Please report any issues to: https://github.com/sup-heliotrope/sup/issues Regards, Gaute ----cut---------cut---------cut---------cut---------cut---------cut----- Upstream fixed (as mentioned in announce) the issue in 0.13.2.1 and 0.14.1.1. Commits: [2] https://github.com/sup-heliotrope/sup/compare/release-0.13.2...release-0.13.2.1 [3] https://github.com/sup-heliotrope/sup/compare/release-0.14.1...release-0.14.1.1

Referencje:

https://github.com/sup-heliotrope/sup/wiki/Viewing-Attachments
https://github.com/sup-heliotrope/sup/wiki/Secure-usage-of-Sup


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top