long apt: URL causes Software Center to open and freeze, potential DoS
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| software-center (Ubuntu) | New | Undecided | Unassigned | |
Bug Description
Binary package hint: software-center
Earlier this evening, the #ubuntu IRC channel was spammed with links (via redirection) to a site containing a copy of a Launchpad page with an <iframe> added that points to an apt: URL. I have attached the relevant part of the page source as payload.txt. When run in an Ubuntu 11.04 LiveCD virtual machine with networking turned off, this URL prompts to load Software Center. When the user clicks OK, Software Center opens and freezes. I have not tested this with networking enabled, and am marking this as a security vulnerability because it is possible that 1) this does additional things if networking is enabled, and 2) it could be changed to do so. I figured someone who knows more about software-center than I do might know more about it.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: software-center 4.0
Uname: Linux 2.6.38-8-generic i686
Architecture: i386
Date: Mon May 16 02:09:12 2011
LiveMediaBuild: Ubuntu 11.04 "Natty Narwhal" - Release i386 (20110427.1)
ProcEnviron:
LANGUAGE=en_US:en
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: software-center
UpgradeStatus: No upgrade log present (probably fresh install)
visibility: private → public
security vulnerability: yes → no
summary:
- long apt: URL causes Software Center to open and freeze, potential exploit
+ long apt: URL causes Software Center to open and freeze, potential DoS