Today @_ikki tweet about this funny "fail" bug.Pidgins knotify plugin have remote command injection vulnerability. When you type some commands to your victim its executed with current users local priveliges. Its funny!! :>
--[src/pidgin-knotify.c:71-74]--
command = g_strdup_printf("kdialog --title '%s' --passivepopup '%s' %d", title,
body, timeout);
[...]
result = system(command);
--snip--
Exploitation:
Type your friend who use knotifies old version --> ';COMMAND;'
Reference:
https://bugs.gentoo.org/show_bug.cgi?id=336916
No comments:
Post a Comment