Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-17520

Опубликовано: 14 дек. 2017
Источник: debian

Описание

tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs.

Примечания

  • Bogus CVE assignment, works as intended:

  • https://sources.debian.org/src/tin/1:2.4.1-1/tools/url_handler.pl/?hl=120#L120

  • Documentation has a clear SECURITY section mentioning that [...] url_handler

  • does not try hard to shell escape its input nor does it convert relative URLs

  • into abosulte ones. If you use url_handler.pl from other applications be sure to

  • at least shell escaped its input.

Связанные уязвимости

ubuntu логотип

CVE-2017-17520

CVSS3: 8.8
ubuntu
около 8 лет назад

tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs.

nvd логотип

CVE-2017-17520

CVSS3: 8.8
nvd
около 8 лет назад

tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs.

github логотип

GHSA-569q-x9r8-48cw

CVSS3: 8.8
github
больше 3 лет назад

** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs."