[Secure-testing-team] Bug#841495: guile: REPL server vulnerable to HTTP inter-protocol attacks
Matanya Moses
matanya at foss.co.il
Fri Oct 21 07:57:59 UTC 2016
Package: guile-1.8
Severity: normal
Tags: security
GNU Guile, an implementation of the Scheme language, provides a "REPL server" which is a command prompt that developers can connect to for live coding and debugging purposes. The REPL server is started by the '--listen' command-line option or equivalent API.
It was reported that the REPL server is vulnerable to the HTTP inter-protocol attack
This constitutes a remote code execution vulnerability for developers running a REPL server that listens on a loopback device or private network. Applications that do not run a REPL server, as is usually the case, are unaffected.
References:
http://seclists.org/oss-sec/2016/q4/100
Upstream patch:
http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03
More information about the Secure-testing-team
mailing list