github - ghsa-5frx-8vj6-294f

ghsa-5frx-8vj6-294f

Vulnerability from github

Published

2024-02-09 09:31

Modified

2024-02-09 09:31

Details

KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows an attacker to add inputs inside the filename variable, leading to arbitrary code execution.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-23749"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-09T08:15:08Z",
    "severity": null
  },
  "details": "KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows an attacker to add inputs inside the filename variable, leading to arbitrary code execution.",
  "id": "GHSA-5frx-8vj6-294f",
  "modified": "2024-02-09T09:31:31Z",
  "published": "2024-02-09T09:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23749"
    },
    {
      "type": "WEB",
      "url": "https://blog.defcesco.io/CVE-2024-23749"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-23749

Vulnerability from cvelistv5

Published

2024-02-09 00:00

Modified

2024-08-01 23:13

Severity ?

Summary

References

▼	URL	Tags
	http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html
	https://blog.defcesco.io/CVE-2024-23749
	http://seclists.org/fulldisclosure/2024/Feb/13	mailing-list
	http://seclists.org/fulldisclosure/2024/Feb/14	mailing-list

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:13:07.434Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.defcesco.io/CVE-2024-23749"
          },
          {
            "name": "20240213 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Feb/13"
          },
          {
            "name": "20240213 Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) \u0026 Username (CVE-2024-25004) Variables",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Feb/14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows an attacker to add inputs inside the filename variable, leading to arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T04:06:00.298140",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "http://packetstormsecurity.com/files/177031/KiTTY-0.76.1.13-Command-Injection.html"
        },
        {
          "url": "https://blog.defcesco.io/CVE-2024-23749"
        },
        {
          "name": "20240213 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Feb/13"
        },
        {
          "name": "20240213 Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) \u0026 Username (CVE-2024-25004) Variables",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Feb/14"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-23749",
    "datePublished": "2024-02-09T00:00:00",
    "dateReserved": "2024-01-21T00:00:00",
    "dateUpdated": "2024-08-01T23:13:07.434Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted