[Secure-testing-team] Bug#876004: newsbeuter: CVE-2017-14500: Podbeuter podcast fetcher: remote code execution

Salvatore Bonaccorso carnil at debian.org
Sun Sep 17 09:24:40 UTC 2017


Source: newsbeuter
Version: 2.8-2
Severity: grave
Tags: upstream patch security
Justification: user security hole
Forwarded: https://github.com/akrennmair/newsbeuter/issues/598

Hi,

the following vulnerability was published for newsbeuter.

CVE-2017-14500[0]:
| Improper Neutralization of Special Elements used in an OS Command in
| the podcast playback function of Podbeuter in Newsbeuter 0.3 through
| 2.9 allows remote attackers to perform user-assisted code execution by
| crafting an RSS item with a media enclosure (i.e., a podcast file) that
| includes shell metacharacters in its filename, related to
| pb_controller.cpp and queueloader.cpp, a different vulnerability than
| CVE-2017-12904.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14500
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14500
[1] https://github.com/akrennmair/newsbeuter/issues/598
[2] http://openwall.com/lists/oss-security/2017/09/16/1
[3] https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333

Regards,
Salvatore
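
The class of bug in the CVE description above, as an added illustration that is not part of the original message, not newsbeuter code and not the upstream patch: a feed-supplied filename pasted into a shell command line, next to single-quote escaping and a shell-free exec. All function names, the sample filename and the "mplayer" player value are assumptions made for the example.

```cpp
// Added illustration only: not newsbeuter code and not the upstream patch.
#include <iostream>
#include <string>
#include <sys/wait.h>
#include <unistd.h>

// Constructed sample: an enclosure filename carrying shell metacharacters.
const std::string kSample = "ep1 $(echo injected) it's.mp3";

// Vulnerable pattern: the filename is pasted into text a shell will parse,
// so $(...), backticks, quotes and ';' inside it become shell syntax.
std::string build_cmd_unsafe(const std::string& player, const std::string& file) {
    return player + " \"" + file + "\"";
}

// POSIX single-quote escaping: nothing is special inside '...'; an embedded
// ' is emitted as '\'' (close quote, escaped quote, reopen quote).
std::string shell_quote(const std::string& s) {
    std::string out = "'";
    for (char c : s) {
        if (c == '\'') out += "'\\''";
        else out += c;
    }
    return out + "'";
}

// Preferred: no shell. The filename is a single argv element, never parsed.
// Returns the player's exit status, 127 if exec failed, -1 on other errors.
int run_player(const std::string& player, const std::string& file) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execlp(player.c_str(), player.c_str(), file.c_str(), (char*)nullptr);
        _exit(127);  // exec failed
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main() {
    std::cout << "unsafe: " << build_cmd_unsafe("mplayer", kSample) << "\n";
    std::cout << "quoted: mplayer " << shell_quote(kSample) << "\n";
    return run_player("true", kSample);  // filename reaches argv untouched
}
```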


