Full Disclosure mailing list archives
Ruby Gem Flash Tool 0.6.0 Remote code execution vulnerability
From: "Larry W. Cashdollar" <larry0 () me com>
Date: Sun, 03 Mar 2013 23:08:53 +0000 (GMT)
Flash Tool 0.6.0 Remote code execution vulnerability
3/1/2013

http://rubygems.org/gems/flash_tool
https://github.com/milboj/flash_tool

If files downloaded contain shell characters it's possible to execute code as the client user.

i.e.: flash_file;id>/tmp/o;.swf

./flash_tool-0.6.0/lib/flash_tool.rb
Lines:
26: command = "swfstrings #{file}"
27: output = `#{command} 2>&1`
88: command = "#{command} #{option} #{file}"
89: output = `#{command} 2>&1`

./flash_tool-0.6.0/lib/flash_tool/flash.rb
75: command = "#{command} #{args.join(" ")}"
76: output = `#{command} 2>&1`

@_larry0
Larry W. Cashdollar
http://otiose.dhs.org/advisories/flash_tool-0.6.0-cmd_exec.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
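The injection above comes from interpolating a filename into a string that Ruby's backtick operator hands to /bin/sh. The following is an added example (editor's code, not from the advisory or the flash_tool gem) that reproduces the vulnerable pattern next to two fixes and an allowlist check. It uses `echo` in place of `swfstrings` so it runs without swftools, and a constructed filename of the same shape as the advisory's payload with a harmless `echo INJECTED` in place of `id>/tmp/o`.

```ruby
require 'open3'
require 'shellwords'

# Constructed filename in the shape of the advisory's proof of concept, with a
# harmless `echo` standing in for the `id>/tmp/o` payload.
MALICIOUS_NAME = 'flash_file;echo INJECTED;.swf'.freeze

# Vulnerable pattern, as in flash_tool 0.6.0 lib/flash_tool.rb: the filename is
# interpolated into a command string that the backtick operator passes to /bin/sh,
# so ';', '|', '$(...)' and friends inside the name are interpreted by the shell.
def run_vulnerable(tool, file)
  command = "#{tool} #{file}"
  output = `#{command} 2>&1`
  [output, $?.exitstatus]
end

# Fix 1: keep the shell string but escape the untrusted token so the shell sees
# it as one word.
def run_escaped(tool, file)
  command = "#{tool} #{Shellwords.escape(file)}"
  output = `#{command} 2>&1`
  [output, $?.exitstatus]
end

# Fix 2 (preferred): no shell at all. An argv array makes Ruby exec the tool
# directly, so the filename is a single argument whatever characters it holds.
def run_with_argv(tool, file)
  output, status = Open3.capture2e(tool, file)
  [output, status.exitstatus]
end

# Defence in depth: allowlist what a downloaded .swf name may look like before it
# reaches any command. The pattern here is an assumption; tighten it to fit.
def safe_filename?(file)
  !!(file =~ /\A[\w.-]+\.swf\z/)
end

# True when the payload's `echo INJECTED` actually ran as its own command.
def injected?(output)
  output.lines.map(&:chomp).include?('INJECTED')
end

if __FILE__ == $0
  # `echo` stands in for swfstrings so this runs without the swftools package.
  out, = run_vulnerable('echo', MALICIOUS_NAME)
  puts "vulnerable: injected=#{injected?(out)}"
  out, = run_escaped('echo', MALICIOUS_NAME)
  puts "escaped:    injected=#{injected?(out)}"
  out, = run_with_argv('echo', MALICIOUS_NAME)
  puts "argv:       injected=#{injected?(out)}"
  puts "allowlist rejects payload: #{!safe_filename?(MALICIOUS_NAME)}"
end
```

With the vulnerable version the shell runs three commands (`echo flash_file`, `echo INJECTED`, `.swf`) and the injected marker shows up on its own line; with either fix the whole filename is echoed back verbatim as one argument. Of the two fixes, the argv form is the one to reach for: it removes the shell from the picture entirely, whereas escaping still depends on every interpolation site being remembered.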