User: Password:
|
|
Subscribe / Log in / New account

ack: code execution

Package(s):ack CVE #(s):CVE-2013-7069
Created:December 20, 2013 Updated:January 28, 2014
Description:

From the Red Hat bug report:

A flaw was found in the way ack, a tool similar to grep, processed .ackrc files. If a local user ran ack in an attacker-controlled directory, it would lead to arbitrary code execution with the privileges of the user running ack. This issue affects versions 2.00 to 2.10 (such as the version in Fedora 19), and should be fixed in version 2.12. It does not affect versions below 2.00 (such as those in EPEL).

Alerts:
openSUSE openSUSE-SU-2014:0142-1 ack 2014-01-28
Fedora FEDORA-2013-23206 ack 2013-12-20
Fedora FEDORA-2013-23197 ack 2013-12-20

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds