Package: dtc-xen
Version: 0.5.13-3
Severity: grave
Tags: security

dtc-xen includes several command executions as root that use unchecked user input in dtc-soap-server.

| cmd = "/usr/sbin/dtc_kill_vps_disk %s %s" % (vpsname, imagetype)
| output = commands.getstatusoutput(cmd)

"imagetype" is the unchecked input and commands.getstatusoutput effectively does "sh -c '{ $cmd } 2>&1'".

Bastian

-- System Information:
Debian Release: 6.0
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
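The pattern reported above, reproduced as an added example (not code from the bug report or from dtc-xen): the vulnerable string-formatted command next to a hardened variant. It substitutes `echo` for `/usr/sbin/dtc_kill_vps_disk` so the effect is visible offline, and uses `subprocess.getstatusoutput`, the Python 3 successor of `commands.getstatusoutput` with the same `sh -c '{ cmd; } 2>&1'` semantics. The allowlist regex `SAFE_TOKEN` and the payload string are assumptions chosen for illustration.

```python
import re
import subprocess

# Stand-in for /usr/sbin/dtc_kill_vps_disk (constructed for this example):
# echo reflects its arguments, so the output shows what the shell really ran.
TOOL = "echo"


def kill_vps_disk_vulnerable(vpsname, imagetype):
    """Mirrors the reported pattern: user input formatted into a shell string.

    subprocess.getstatusoutput() behaves like the old commands.getstatusoutput():
    the string is handed to "sh -c '{ cmd; } 2>&1'", so shell metacharacters in
    imagetype (';', '|', '$(...)', backticks) are interpreted, not passed on.
    """
    cmd = "%s %s %s" % (TOOL, vpsname, imagetype)
    status, output = subprocess.getstatusoutput(cmd)
    return status, output


def run_argv_no_shell(vpsname, imagetype):
    """Same call as an argv list: no shell is involved, so the argument is
    delivered literally to the program, metacharacters included."""
    proc = subprocess.run([TOOL, vpsname, imagetype],
                          capture_output=True, text=True)
    return proc.returncode, proc.stdout.rstrip("\n")


# Assumed allowlist for VPS names and image types: identifiers only.
SAFE_TOKEN = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def kill_vps_disk_hardened(vpsname, imagetype):
    """Hardened variant: validate against an allowlist, then exec without a shell.

    Validation alone would not stop injection if the string were still passed
    to sh; the argv list is what removes the shell from the picture, and the
    allowlist keeps out values the privileged tool was never meant to see.
    """
    for field, value in (("vpsname", vpsname), ("imagetype", imagetype)):
        if not isinstance(value, str) or not SAFE_TOKEN.match(value):
            raise ValueError("rejected %s: %r" % (field, value))
    return run_argv_no_shell(vpsname, imagetype)


if __name__ == "__main__":
    # Constructed attacker-controlled imagetype: appends a second command.
    payload = "lvm; echo INJECTED"
    print("vulnerable:", kill_vps_disk_vulnerable("vps1", payload))
    print("argv only :", run_argv_no_shell("vps1", payload))
    try:
        kill_vps_disk_hardened("vps1", payload)
    except ValueError as exc:
        print("hardened  :", exc)
    print("hardened  :", kill_vps_disk_hardened("vps1", "lvm"))
```

Running it shows the shell executing the injected `echo INJECTED` as a separate command in the vulnerable path, the same payload arriving as one literal argument in the argv path, and the hardened function refusing the value before anything is executed. Since dtc-soap-server runs these commands as root, the injected command in the real case would run as root as well.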