c2c-oerpscenario team mailing list archive

Thread
Date

[Bug 671926] Re: NET-RPC client-side stack should sanitize pickled data

To: c2c-oerpscenario@xxxxxxxxxxxxxxxxxxx
From: "Antony Lesuisse \(OpenERP\)" <al@xxxxxxxxxxx>
Date: Tue, 06 Sep 2011 10:30:32 -0000
Reply-to: Bug 671926 <671926@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: openobject-client-web
       Status: Confirmed => Won't Fix

** Changed in: openobject-client-web/5.0
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/671926

Title:
  NET-RPC client-side stack should sanitize pickled data

Status in OpenERP GTK Client:
  Fix Released
Status in OpenERP GTK Client 5.0 series:
  Confirmed
Status in OpenERP Web Client:
  Won't Fix
Status in OpenERP Web Client 5.0 series:
  Won't Fix

Bug description:
  It's possible to execute arbritrary code on client using net-rpc
  (pickle protocol) see http://nadiana.com/python-pickle-insecure

  If you use the client to connect to some demo server and this demo
  server is malicious, it can send malicious code which is executed in
  client side.

  I attach a exploit server who sends code to execute to client. Run a
  ls -l and redirect the output to proof_of_exploit.txt file.

  This bug was fixed in the server, but not in the client.
  Affects versions 4.2, 5.X and 6.X

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-client/+bug/671926/+subscriptions