Re: [Nano-devel] Vulnerability

[Joshua Rogers]

No problem!
If it is possible, could a CVE be assigned? If it's not a cmd execution, it could atleast be classed as a DoS

Also, where would I be able to find the 'r4563' of nano? Or the repo for the latest stuff.

You have a fun weekend aswell.

Thanks

Joshua Rogers - Retro Game Collector && IT Security Specialist
gpg pubkey

On 13/01/13 19:41, Chris Allegretta wrote:

On Fri, Jan 11, 2013 at 10:30 PM, Joshua Rogers <address@hidden> wrote:

OK.
There is one vulverability, and one bug;

Vuln:

Download: http://124.191.82.19:8012/nn

nano nn

alt control _ 50000 (go to line 50k)

control j
control k
Now let it load.
Now control j again.

And it should segfault.
strace can be found here: http://124.191.82.19:8012/nano.txt
I don't know if it can be used for cmd execution, but yeah.

Ooooooh fun.  Ok, Ill have to dig into this when I'm back home.  Thank
you for the report Joshua.

Bug:

Open a file

alt control underscore 50000000000000000000 (over max intergar)
it will give you: [ Invalid line or column number ]
now that's good, but then if you alt control underscore 20, it will give you
that message aswell.
and it will always give you that message until you exit out of nano, and
restart it.

And thank you for reporting this also!  Looks like it's been broken
since 2004.   Fixed in r4563 and will be in 2.3.2.  We'll probably
also need to put it into a 2.2.7 release after I take a look at the
first bug you mention.

Have a great weekend.

Thanks
a

Joshua Rogers - Retro Game Collector && IT Security Specialist
gpg pubkey
On 12/01/13 14:01, Chris Allegretta wrote:

This one is fine Joshua

On Fri, Jan 11, 2013 at 7:11 PM, Joshua Rogers <address@hidden> wrote:

Which email would be the best to report a vulnerability in GNU Nano?

Thanks


--
Joshua Rogers - Retro Game Collector && IT Security Specialist
gpg pubkey

_______________________________________________
Nano-devel mailing list
address@hidden
https://lists.gnu.org/mailman/listinfo/nano-devel