FreeBSD -- shell injection vulnerability in patch(1)

2015-08-05T00:00:00
ID 0D090952-600A-11E6-A6C3-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2015-08-05T00:00:00

Description

Problem Description: Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch(1) to pass certain ed(1) scripts to the ed(1) editor, which would run commands.

Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch(1) against a specially crafted patch file, which could be leveraged to obtain elevated privileges.