VULHUB ™

slrn is a freely available NTTP reader by Thomas Schultz. It is maintained and developed by the slrn project. A problem in the program has been discovered that could allow arbitrary command execution. When a user of slrn downloads a post with a binary contained, slrn will execute any shell script contained in the post included with the binary. This could lead to arbitrary command execution, and a remote user gaining access to the system with the privileges of the slrn user. This is currently known to affect only Debian Linux.

slrn is a freely available NTTP reader by Thomas Schultz. It is maintained and developed by the slrn project. A problem in the program has been discovered that could allow arbitrary command execution. When a user of slrn downloads a post with a binary contained, slrn will execute any shell script contained in the post included with the binary. This could lead to arbitrary command execution, and a remote user gaining access to the system with the privileges of the slrn user. This is currently known to affect only Debian Linux.