CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file) that includes shell metacharacters in its filename, related to pb_controller.cpp and queueloader.cpp, a different vulnerability than CVE-2017-12904.

References

Affected packages

Git / github.com/akrennmair/newsbeuter

Affected ranges

Type: GIT
Repo: https://github.com/akrennmair/newsbeuter
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

26f5a4350f3ab5507bb8727051c87bb04660f333

Fixed

c8fea2f60c18ed30bdd1bb6f798e994e51a58260

Affected versions

r2.*

r2.9

Database specific

vanir_signatures

[
    {
        "digest": {
            "line_hashes": [
                "122203421145135607605150740415678481744",
                "226326304608593480580444074630309874189",
                "141851851325221400487052087950423918467",
                "126645352107463222030298578303702291104",
                "280107155541152668819977864311526523605",
                "100975989055322441498022819319882045499"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/pb_controller.cpp"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333",
        "id": "CVE-2017-14500-0ba005de",
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false
    },
    {
        "digest": {
            "length": 569.0,
            "function_hash": "297464687269015149749922159851838517057"
        },
        "target": {
            "file": "src/queueloader.cpp",
            "function": "queueloader::get_filename"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260",
        "id": "CVE-2017-14500-11cd728b",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "122203421145135607605150740415678481744",
                "226326304608593480580444074630309874189",
                "141851851325221400487052087950423918467",
                "126645352107463222030298578303702291104",
                "261190887748625915739741040140074181224",
                "72870267390956557907745808987922535707"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/pb_controller.cpp"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260",
        "id": "CVE-2017-14500-1f236f20",
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false
    },
    {
        "digest": {
            "length": 426.0,
            "function_hash": "59995948087546701770999833077024963097"
        },
        "target": {
            "file": "src/pb_controller.cpp",
            "function": "pb_controller::play_file"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333",
        "id": "CVE-2017-14500-55327ebc",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false
    },
    {
        "digest": {
            "length": 566.0,
            "function_hash": "325622768065210990364342808000899331722"
        },
        "target": {
            "file": "src/queueloader.cpp",
            "function": "queueloader::get_filename"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333",
        "id": "CVE-2017-14500-993677e3",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "28945969528684604269056913412978480261",
                "328591584293568757866463690194581631448",
                "240226559374422634877135290719219586984",
                "111208244330724101130459863208369810773"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/queueloader.cpp"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260",
        "id": "CVE-2017-14500-a6c43b70",
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false
    },
    {
        "digest": {
            "length": 372.0,
            "function_hash": "248584191656778447663072432663244477995"
        },
        "target": {
            "file": "src/pb_controller.cpp",
            "function": "pb_controller::play_file"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260",
        "id": "CVE-2017-14500-a9508c1c",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "28945969528684604269056913412978480261",
                "328591584293568757866463690194581631448",
                "240226559374422634877135290719219586984",
                "111208244330724101130459863208369810773"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/queueloader.cpp"
        },
        "source": "https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333",
        "id": "CVE-2017-14500-b1a77817",
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false
    }
]