FreeBSD -- shell injection vulnerability in patch(1)

ID 0C6759DD-600A-11E6-A6C3-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2015-07-28T00:00:00


Problem Description: Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch(1) to run commands in addition to the desired SCCS or RCS commands.

Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch(1) against a specially crafted patch file, which could be leveraged to obtain elevated privileges.