SB2018021404 - Remote code execution in PyBitmessage
Published: February 14, 2018
Security Bulletin ID: SB2018021404
Severity: Critical
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Code execution
Description
This security bulletin contains information about 1 security vulnerability.
1) Remote code execution (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary code on the target system. The weakness exists due to a message encoding bug. A remote attacker can send a specially crafted message, run an automated script that looks in ~/.electrum/wallets, open a remote reverse shell, gain access to other files and execute arbitrary code.
Successful exploitation of the vulnerability results in system compromise.
Note: the vulnerability has been actively exploited to create a remote shell and steal bitcoins from Electrum wallets.
Remediation
Install the update from the vendor's website.