slrn newsreader binary decoding causes embedded scripts to be executed
| slrn-decode-script-execution (7166) |  High Risk |
Description:
The slrn newsreader in some Linux distributions could allow the execution of embedded scripts, caused by a vulnerability in the code that handles the decoding of binaries. A remote attacker could embed a malicious shell script within a message, which would be executed once the message is read.
Platforms Affected:
- Debian, Debian Linux 2.2
- slrn, slrn 0.9.7.2 and prior
Remedy:
Apply the Bugfix dated September 9, 2001, available from the slrn Web site. See References.
For Debian GNU/Linux 2.2 (potato):
Upgrade to the latest version of slrn (0.9.6.2-9potato2 or later), as listed in DSA-078-1. See References.
For other distributions:
Contact your vendor for patch or upgrade information.
Consequences:
Gain Access
References:
- slrn Web site, Bugfixes at http://slrn.sourceforge.net/patches/index.html.
- BID-3364: SLRN Arbitrary Shell Script Execution Vulnerability
- CVE-2001-1035: Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post.
- DSA-078: slrn -- remote command invocation
Reported:
Sep 24, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net