Bug #14205
closed
- Subject changed from Unsanitizied filename leads to command injection in 'resolv' to Unsanitizied filename leads to command injection in 'resolv.rb'
PoC Concept Code
require 'resolv'
a = Resolv::Hosts::new("|echo 1 > /tmp/rce")
a.getaddress("test")
- Status changed from Open to Closed
Applied in changeset trunk|r61349.
Fixed command Injection
- resolv.rb (Resolv::Hosts#lazy_initialize): fixed potential
command Injection in Hosts::new() by use of Kernel#open.
[Fix GH-1777] [ruby-core:84347] [Bug #14205]
From: Drigg3r drigg3r@yandex.com
Also available in: Atom
PDF
Like0
Like0Like0
Updated by 
Updated by