Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Gentoo: GLSA 201511-01 Normal: MirBSD Korn Shell Arbitrary Code Execution

gentoo
Calendar Grey November 2, 2015
Dist Gentoo Esm H88
The Gentoo Linux Security Advisory (GLSA) 201511-01 addresses a serious vulnerability in the MirBSD Korn Shell (mksh), allowing possible code execution due to unsafe environment parameter handling, urging users to update.
An attacker who already had access to the environment could so append values to parameters passed through programs.

Summary

Improper sanitation of environment import allows for appending of values to passed parameters.

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution environment manipulation normal severity shell mksh

Resolution

All mksh users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-shells/mksh-50c"

References

[ 1 ] mksh R50c released, security fix

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201511-01
style>.gentoo_availability{display:block;}

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity: Normal
Title: MirBSD Korn Shell: Arbitrary code execution
Date: November 02, 2015
Bugs: #524414
ID: 201511-01

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution environment manipulation normal severity shell mksh

Synopsis

An attacker who already had access to the environment could so append values to parameters passed through programs.

Background

MirBSD Korn Shell is an actively developed free implementation of the Korn Shell programming language and a successor to the Public Domain Korn Shell.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-shells/mksh < 50c >= 50c

Impact

===== An attacker who already had access to the environment could so append values to parameters passed through programs (including sudo(8) or setuid) to shell scripts, including indirectly, after those programs intended to sanitise the environment, e.g. invalidating the last $PATH component.

Workaround

There is no known workaround at this time.

Related News

Your message here