Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 866356 (CVE-2022-36633)

Summary: sys-cluster/teleport: remote code execution
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: trivial CC: graemelawes, proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://packetstormsecurity.com/files/168137/Teleport-9.3.6-Command-Injection.html
Whiteboard: ~1 [ebuild]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-24 17:13:26 UTC 
CVE-2022-36633:

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.