[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Arbitrary Code Execution when using -x
From: |
Don Armstrong |
Subject: |
Arbitrary Code Execution when using -x |
Date: |
Tue, 9 Mar 2010 14:17:26 -0800 |
User-agent: |
Mutt/1.5.20 (2009-06-14) |
popen shouldn't be used with user data; there is arbitrary remote code
execution when using -x.
You can temporarily disable -x; see
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573228 for more
details.
Don Armstrong
--
[On a trip back from collecting grass seeds in tropical bird stomachs
and being thought by the customs agents to be transporting Marijuana.]
"Anyone so square as to tell you they are transporting grass seeds is
bound to be ok"
-- Peter K. Klopfer _Seeds of Doubt_ Science 134:177 10 April 2009
http://www.donarmstrong.com http://rzlab.ucr.edu
- Arbitrary Code Execution when using -x,
Don Armstrong <=