Re: bash 2.05.0(1)-release/it.map.gz Slackware 8.0 default and Debian VU#438955

["CERT(R) Coordination Center" <cert () cert org>]

-----BEGIN PGP SIGNED MESSAGE-----

Davide,

While reviewing mail today, I came across this post (below) to
vuln-dev () security-focus com, dated 07/24/2002.  We've been tracking this
vulnerability as VU#438955, but have not seen any responses from the
various OS vendors that ship bash.  Do you know whether any Unix or Linux
vendors have upgraded their version of bash to address this vulnerability?

If you have any further questions, comments, or information regarding this
issue, please contact us at <cert () cert org>.  When replying, please
include "VU#438955" in the subject of your message.

Thanks,

Jeffrey

- -----------------------------
Jeffrey P. Lanza        
Internet Security Analyst
CERT Coordination Center

Davide Del Vecchio <security () phx it> writes:
> GNU bash 2.05.0(1)-release/it.map.gz Slackware 8.0 default and Debian 
> Stable local dos.
>
> Synopsis:
> Phoenix Sistemi Security Responsable has to notice that Bash version
> 2.05.0(1) (Slackware 8.0 default) and Debian Stable one, with it.map.gz
> loaded suffers a silly bug which compromise the use of the some
> characters.
>
> Affected Versions:
> GNU bash, version 2.05.0(1)-release (i386-slackware-linux-gnu)
> with it.map.gz loaded.
> GNU bash Debian Stable with it.map.gz loaded.
> Not tested on other versions.
>
> Description:
> Loading Unicode mapping table...
> Loading /usr/share/kbd/keymaps/i386/qwerty/it.map.gz
> Using an user local account, and typing the ASCII code "1236" from the keypad,
> an user could compromise the use of the keyboard through a bash/it.map bug, 
[deleted some lines with non-ASCII characters]

> Solutions & Recommendations:
> Install different version of Bash or don't use the it keymap.
>
> Credits:
> Davide Del Vecchio would like to thank his company Phoenix Sistemi and the
> CED especially Bartolomeo Bufi, Antonio Lapadula, Pasquale
> Minervini, Gianluca Nanoia and Michele Tumolo.
>
> Disclaimer:
> The information within this paper may change without notice. Use of this
> information constitutes acceptance for use in an AS IS condition.
> There are NO warranties with regard to this information. In no event shall
> the author be liable for any damages whatsoever arising out of or in
> connection with the use or spread of this information. Any use of this
> information is at the user's own risk.
> ^^^^^^^^
>
> Please send suggestions, updates, and comments to:
> Davide Del Vecchio security () phoenixsistemi com of PhoeniX Sistemi.
> www.phoenixsistemi.com / www.phx.it

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQCVAwUBPjrniGjtSoHZUTs5AQEkkwQAvy/OYmCSkq+2/BZs9yQs3FJnnuurxHKd
aYu5/mUXjMxOHTHETQYyaIHRGtVnXlAzhKA3ivuEOazF/Z7vvDPxXolRDbdekbWr
wyShks5C4IyRmbPHzsg5pJUjB/39cugCYeQX9Mqh9krwaN1AF+0xabz3NKztICcx
c+DJ5Y/bEPY=
=66ie
-----END PGP SIGNATURE-----