Posted: Mon Nov 02, 2015 5:26 pm Post subject: [ GLSA 201511-01 ] MirBSD Korn Shell
Gentoo Linux Security Advisory
Title: MirBSD Korn Shell: Arbitrary code execution (GLSA 201511-01)
Date: November 02, 2015
An attacker who already had access to the environment could
append values to parameters passed through programs.
MirBSD Korn Shell is an actively developed free implementation of the
Korn Shell programming language and a successor to the Public Domain Korn
Vulnerable: < 50c
Unaffected: >= 50c
Architectures: All supported architectures
Improper sanitization of the environment on import allows values to be
appended to passed parameters.
An attacker who already had access to the environment could append
values to parameters passed through programs (including sudo(8) or
setuid) to shell scripts, including indirectly, after those programs
intended to sanitise the environment, e.g. invalidating the last $PATH
There is no known workaround at this time.
All mksh users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/mksh-50c"
mksh R50c released, security fix
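To confirm the upgrade took effect across a fleet, the advisory's ranges (vulnerable: < 50c, unaffected: >= 50c) can be checked mechanically. The following is an added example, not part of the advisory or of Gentoo's tooling; the function name `mksh_vulnerable` is hypothetical, the sample version strings are constructed, and it assumes versions follow the release-number-plus-optional-letter form seen above, optionally with a package prefix and a `-rN` revision.

```sh
#!/bin/sh
# Added example: classify an mksh package version against the advisory's
# ranges (vulnerable: < 50c, unaffected: >= 50c).

# mksh_vulnerable VERSION  (hypothetical helper)
# Returns 0 if VERSION is in the vulnerable range, 1 if it is unaffected,
# and 2 if the string cannot be parsed.
mksh_vulnerable() {
    v=${1##*mksh-}        # drop an optional "app-shells/mksh-" prefix
    v=${v#R}              # accept the upstream style "R50c"
    v=${v%-r[0-9]*}       # drop a revision suffix such as "-r1"
    case $v in
        ''|*[!0-9a-z]*) return 2 ;;
    esac
    num=${v%%[a-z]*}      # leading release number, e.g. 50
    patch=${v#"$num"}     # optional single patch letter, e.g. c
    case $num in ''|*[!0-9]*) return 2 ;; esac
    case $patch in ''|[a-z]) ;; *) return 2 ;; esac
    if [ "$num" -lt 50 ]; then return 0; fi
    if [ "$num" -gt 50 ]; then return 1; fi
    # Release 50: no letter, "a" and "b" sort before the fixed "c"
    case $patch in
        ''|a|b) return 0 ;;
        *)      return 1 ;;
    esac
}

# Constructed sample inputs, not taken from any real host.
for ver in 49 50 50b 50c app-shells/mksh-50d-r1 51; do
    if mksh_vulnerable "$ver"; then
        echo "$ver: vulnerable, upgrade to >=app-shells/mksh-50c"
    else
        echo "$ver: unaffected"
    fi
done
```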