]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit
projects / people / pmueller / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 65ca3f0) | patch
ids.cgi: Fix remote command execution vulnerability
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 14 Jun 2017 11:58:12 +0000 (12:58 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 14 Jun 2017 11:58:12 +0000 (12:58 +0100)
commita9a91e5fa713c14f59d20228c228f0e67c4365a8
tree3c4d4d3d6a942a8021fb2c42938927c64b18a464tree | snapshot
parent65ca3f05075a11e2bce7daef5980f9bb4715ae84commit | diff
ids.cgi: Fix remote command execution vulnerability

The OINKCODE variable was only validated for proper input
when the Save button was clicked.

Did the user demand to download new rules instead, the
content of that variable was not being validated (again)
and was passed to wget on the shell.

This was done with privileges of the "nobody" user.

Fixes #11401

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
html/cgi-bin/ids.cgi diff | blob | blame | history
Peter's tree of IPFire 2.x