Bug 870713 - (CVE-2012-4548) CVE-2012-4548 cgit: syntax-highlighting.sh command injection
CVE-2012-4548 cgit: syntax-highlighting.sh command injection
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,public=20121028,repo...
: Security
Depends On: 870714 870715
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-28 02:59 EDT by Kurt Seifried
Modified: 2015-08-24 11:56 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-08-24 11:56:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
cgit-CVE-2012-4548.patch (564 bytes, patch)
2012-10-28 03:00 EDT, Kurt Seifried
no flags Details | Diff

  None (edit)
Description Kurt Seifried 2012-10-28 02:59:04 EDT
syntax-highlighting.sh: Fix command injection.

By not quoting the argument, an attacker with the ability to add files to the 
repository could pass arbitrary arguments to the highlight command, in 
particular, the --plug-in argument which can lead to arbitrary command 
execution. 

This patch adds simple argument quoting. 

External references:
http://git.zx2c4.com/cgit/commit/?id=7ea35f9f8ecf61ab42be9947aae1176ab6e089bd
Comment 1 Kurt Seifried 2012-10-28 03:00:46 EDT
Created attachment 634444 [details]
cgit-CVE-2012-4548.patch
Comment 2 Kurt Seifried 2012-10-28 03:01:38 EDT
Created cgit tracking bugs for this issue

Affects: fedora-all [bug 870714]
Comment 3 Kurt Seifried 2012-10-28 03:02:11 EDT
Created cgit tracking bugs for this issue

Affects: epel-all [bug 870715]

Note You need to log in before you can comment on or make changes to this bug.