Code injection in cinnamon-settings-users.py

Bug #1499056 reported by Bernd Dietzel
This bug affects 1 person
Affects      Status   Importance   Assigned to   Milestone
Linux Mint   New      Undecided    Unassigned

Bug Description

See attached screenshot.
If you edit a group name or add a new group, the edit field allows injecting shell commands with root permissions.
If the administrator types the character ";" into the group name field, the text after the ";" will be executed as root.

File:
cinnamon-settings-users.py

Functions:
on_group_addition
on_group_edition

theregrunner@mintdeb ~ $ uname -a
Linux mintdeb 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1+deb8u3 (2015-08-04) x86_64 GNU/Linux

theregrunner@mintdeb ~ $ lsb_release -a
No LSB modules are available.
Distributor ID: LinuxMint
Description: LMDE 2 Betsy
Release: 2
Codename: betsy
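
The bug class described in this report, as an added example (not code from the report or from cinnamon-settings-users.py, whose source is not shown on this page). It assumes the group name is pasted into a shell command string, and contrasts that with validating the name and building an argv list for a call that involves no shell. The function names, the `groupadd` command, the name pattern and the sample inputs are assumptions constructed for illustration.

```python
import re
import shlex

# Allow-list for group names (an assumption for this example, adjust to
# local policy): lowercase letter or underscore first, then lowercase
# letters, digits, underscore or hyphen, at most 32 characters in total.
GROUP_NAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")

SHELL_SEPARATORS = {";", "&", "&&", "|", "||"}


def shell_command_count(command_line):
    """Count the commands a POSIX shell would see in command_line.

    Nothing is executed: shlex only tokenizes the string. This is an
    illustration of the parsing problem, not a filter to rely on.
    """
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    count, in_command = 0, False
    for token in lexer:
        if token in SHELL_SEPARATORS:
            in_command = False
        elif not in_command:
            count, in_command = count + 1, True
    return count


def vulnerable_command(group_name):
    """Pattern assumed for the bug: field text formatted into a shell string."""
    return "groupadd %s" % group_name


def safe_argv(group_name):
    """Hardened form: validate first, then build an argv list.

    The list is meant for subprocess.run(argv), which does not use a shell
    by default, so the name always stays a single argument.
    """
    if not GROUP_NAME_RE.fullmatch(group_name):
        raise ValueError("invalid group name: %r" % group_name)
    return ["groupadd", group_name]


if __name__ == "__main__":
    for name in ("staff", "staff; echo injected"):  # constructed inputs
        print(repr(name), "->", shell_command_count(vulnerable_command(name)),
              "command(s) if handed to a shell")
```
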

Bernd Dietzel (l-ubuntuone1104) wrote :
information type: Private Security → Public Security