Remote command injection in the linux mint front end installer
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Linux Mint | New | Undecided | Unassigned | |
Bug Description
Remote command injection in the linux mint installer front end.
The code in mintinstall/
As the input data source cannot be trusted, it is possible for an attacker to inject commands to be run in addition to wget.
How to fix: first, make sure the category key has a 'safe' file-name; second, perhaps consider using urllib to perform the download from Python instead of calling wget.
[0] so if there was an assumption that because ssl is in use the software is _safe_, it wouldn't be safe ... unless linux mint has a patched version of urllib ...
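An added example, not mintinstall's own code, of the fix suggested in the description above: check the category key against a file-name allowlist, then download with urllib so that no shell is involved. The function names, the `<base_url>/<key>` URL layout, the https-only rule and the size cap are assumptions made for illustration.

```python
import os
import re
import urllib.parse
import urllib.request

# Allowlist for a key that will be used as a file name: letters, digits,
# '_', '-' and '.', with no leading dot. Shell metacharacters, spaces,
# slashes and ".." sequences at the start are all rejected.
SAFE_KEY = re.compile(r"[A-Za-z0-9_-][A-Za-z0-9._-]{0,63}")

MAX_BYTES = 1 << 20  # assumed cap on the downloaded file (1 MiB)


def safe_key(key):
    """Return key unchanged if it is a safe file name, else raise ValueError."""
    if not isinstance(key, str) or not SAFE_KEY.fullmatch(key):
        raise ValueError("unsafe category key: %r" % (key,))
    return key


def fetch_category_file(base_url, key, dest_dir, opener=urllib.request.urlopen):
    """Download <base_url>/<key> into dest_dir without invoking wget or a shell.

    `opener` is a hypothetical hook so the function can be exercised offline.
    """
    if urllib.parse.urlsplit(base_url).scheme != "https":
        raise ValueError("base URL must be https")
    name = safe_key(key)
    url = base_url.rstrip("/") + "/" + urllib.parse.quote(name)

    # Defence in depth: the resolved destination must stay inside dest_dir.
    root = os.path.realpath(dest_dir)
    dest = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, dest]) != root:
        raise ValueError("destination escapes %r" % (dest_dir,))

    with opener(url, timeout=10) as resp, open(dest, "wb") as out:
        out.write(resp.read(MAX_BYTES))
    return dest
```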
Changed in linuxmint:
assignee: Gwendal LE BIHAN (gwendal-lebihan-dev) → nobody
There is similar code, also likely to be vulnerable, found on lines 1014 (items) and 1040 (screen-shots).