Big Brother Arbitrary Shell Command Execution Vulnerability

Solution:
Upgrade all versions prior to 1.5c2

While later versions are not reported vulnerable, users should consider upgrading to the latest version (1.5d2 or higher).

The following is excerpted from the original

Download and install the latest version from http://bb4.com

or

versions 1.4g to 1.5c1, in bbd.c:
add this statement
/*** Read this as backquote dollarsign ***/
/*** semi-colon ampersand vertical_bar ***/
/*** backslash backslash ***/
clean_string(msgbuf,"`$;&|\\");
before this one
do_bb(msgbuf);

versions prior to 1.4g

add this function in bbd.c

void clean_string(str,rm_chars)
char *str;
char *rm_chars;
{
char *tmpstr;
while( *rm_chars ) {
while( tmpstr=(char
*)strchr(str,*rm_chars) ) {
*tmpstr = ' ';

}
rm_chars++;
}
}

and add this statement

/*** Read this as backquote dollarsign ***/
/*** semi-colon ampersand vertical_bar ***/
/*** backslash backslash ***/
clean_string(msgbuf,"`$;&|\\");

before this statement

do_bb(msgbuf);

Recompile bbd (make) and reinstall(make install). YMMV !

The clean_string(msgbuf,"`$;&|\\"); statement that removes
the '&' character will disable some display functionality
in BB but it's very minor. Upgrade to the latest version
if you want a full working version.

Note: BB should not be run as root!



 

Privacy Statement
Copyright 2010, SecurityFocus