[Bug 1916081] Re: Insecure Chaining of Flags T and TT
Seth Arnold
1916081 at bugs.launchpad.net
Fri Feb 26 21:41:44 UTC 2021
Done, thanks Mal.
** Information type changed from Private Security to Public Security
https://bugs.launchpad.net/bugs/1916081
Title:
Insecure Chaining of Flags T and TT
Status in zip package in Ubuntu:
Confirmed
Bug description:
Description:
In Zip for Linux, the “-TT” flag can be used to run arbitrary system commands. Due to the dangerous nature of this flag, it must always be used at the same time as the “-T” flag. By using a flag chaining attack, attackers that should only be able to insert just 1 flag in a zip command can insert both the “-T” and “-TT” flags and potentially execute malicious code.
Proof of Concept and in-depth explanation can be found in the attached PDF file.
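One way a calling program can keep untrusted file names from being parsed as zip options, as an added example that is not part of the bug report or of the zip project. The function names, the option allowlist and the sample names are hypothetical, and the `--` end-of-options marker is taken from zip's extended help (`zip -h2`) and assumed to be supported by the installed version.

```python
import subprocess

# Options the calling program itself may pass; never taken from user input.
# Hypothetical allowlist: -T/--test and -TT/--unzip-command are deliberately absent.
ALLOWED_OPTIONS = frozenset({"-q", "-r", "-9"})


def as_path_operand(name: str) -> str:
    """Return `name` in a form that cannot start an option."""
    if not name or "\0" in name:
        raise ValueError("empty name or embedded NUL")
    # A leading '-' is what lets a file name be read as bundled short
    # options, so anchor such names to the current directory.
    return "./" + name if name.startswith("-") else name


def build_zip_argv(archive, members, options=()):
    """Build an argv list for zip from untrusted archive and member names."""
    for opt in options:
        if opt not in ALLOWED_OPTIONS:
            raise ValueError(f"option not allowed: {opt!r}")
    if not members:
        raise ValueError("no members given")
    # Everything after '--' is a path (assumption: zip honours '--'), so a
    # name that slipped through unprefixed would still not be an option.
    return ["zip", *options, as_path_operand(archive), "--",
            *(as_path_operand(m) for m in members)]


def run_zip(archive, members, options=()):
    """Run zip without a shell, so no argument is re-split or expanded."""
    return subprocess.run(build_zip_argv(archive, members, options),
                          check=True, shell=False)


if __name__ == "__main__":
    # Constructed sample names; the second one begins with '-'.
    print(build_zip_argv("out.zip", ["report.txt", "-notes.txt"], ["-q"]))
```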