
This queue is for tickets about the PerlSpeak CPAN distribution.

Report information
The Basics
Id: 132173
Status: new
Priority: 0/
Queue: PerlSpeak

People
Owner: Nobody in particular
Requestors: juerd [...] tnx.nl
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

Subject: Security: shell injection RCEs all over the place
Date: Wed, 18 Mar 2020 20:30:08 +0100
To: bug-PerlSpeak [...] rt.cpan.org
From: Juerd Waalboer <juerd [...] tnx.nl>
TL;DR: do not use the PerlSpeak module.

The main method 'say', and several other methods, are ridden with system() calls that contain arbitrary strings, that are likely to be unsafe for use in a shell command. The use of 2-argument open() with arbitrary strings is equally unsafe. Unsafe input could come from any code that uses this module, or from the filesystem ('fileselect' method).

I'm not providing patches, because the security issue is pervasive throughout the module and major rewriting will be required in any case.

--
Met vriendelijke groet, // Kind regards, // Korajn salutojn,

Juerd Waalboer <juerd@tnx.nl>
TNX
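The two unsafe patterns named in the report (a string built from caller-supplied text and handed to system(), and 2-argument open() on a caller-supplied name) next to the forms that keep the shell out of the picture. This is an added illustration, not code from PerlSpeak or from the reporter; the TTS engine is a placeholder (`cat` and `printf` stand in for a real engine), and the function names are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Placeholder for a text-to-speech engine that reads text on stdin.
# Two list elements are used deliberately: with more than one element after
# the mode, Perl's pipe-open and system() exec the program directly and never
# consult /bin/sh, so nothing in the text is interpreted as a command.
my @TTS_CMD = ('cat', '-');

# VULNERABLE (the pattern the report describes): the text is interpolated
# into one string that is passed to the shell. Quotes, '&', '|', '$' and
# similar characters in $text change what the shell runs.
sub say_unsafe {
    my ($text) = @_;
    system("echo $text | @TTS_CMD");            # DON'T DO THIS
}

# HARDENED: start the engine with the list form of pipe-open (no shell) and
# feed the text to its stdin as data, never as part of a command line.
sub say_safe {
    my ($text) = @_;
    open(my $tts, '|-', @TTS_CMD) or die "cannot start TTS engine: $!";
    print {$tts} $text, "\n";
    close($tts) or die "TTS engine failed (status $?)";
    return 1;
}

# HARDENED, for an engine that takes the text as an argument: list-form
# system() passes $text as exactly one argv element. 'printf' is a stand-in.
sub say_safe_argv {
    my ($text) = @_;
    my $rc = system('printf', '%s\n', $text);
    return $rc == 0;
}

# VULNERABLE: 2-argument open() lets the *name* choose the mode. A name that
# starts or ends with '|', or starts with '>', is no longer just a file.
sub read_unsafe {
    my ($path) = @_;
    open(my $fh, $path) or die "$path: $!";    # DON'T DO THIS
    local $/;
    return <$fh>;
}

# HARDENED: 3-argument open() fixes the mode, so the name is only ever a path.
sub read_safe {
    my ($path) = @_;
    open(my $fh, '<', $path) or die "$path: $!";
    local $/;
    return <$fh>;
}

# Constructed demo input full of shell metacharacters; only the safe variants
# are called. Each prints the text literally instead of interpreting it.
my $text = q{It's 5 o'clock & "time" for $HOME | whoami};
say_safe($text);
say_safe_argv($text);

my $path = 'demo file (1).txt';   # constructed file name with spaces/parens
open(my $out, '>', $path) or die "$path: $!";
print {$out} "hello from a file\n";
close($out);
print read_safe($path);
unlink $path;
```

The rule the example follows is the one Perl's own documentation gives: if a program needs a shell feature (a pipeline, redirection), build it with list-form pipe-open or system() per process and pass untrusted text only as argv elements or stdin; if it reads a file, always use the 3-argument open() with an explicit mode.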
Subject: Re: [rt.cpan.org #132173] Security: shell injection RCEs all over the place
Date: Wed, 18 Mar 2020 22:56:33 +0100
To: bug-PerlSpeak [...] rt.cpan.org
From: Juerd Waalboer <juerd [...] tnx.nl>
This vulnerability has been assigned CVE-2020-10674.