
0day vulnerability Sogou input method to obtain system privileges

###################################################################
# 0day vulnerability Sogou input method to obtain system privileges 
###################################################################
Vulnerability:
I stumbled on a very serious vulnerability by accident. It is similar to the old 3389 (Remote Desktop) input method vulnerability, with one difference: the input method is not loaded while nobody is logged on, so a machine with no logged-on session is not affected; only an already logged-on session is.
If Sogou input method is installed on a remote server, it is loaded once someone logs on. If the administrator then simply closes the remote connection without logging off or killing the Sogou input method process first,
the server is left in a very dangerous state.

Test environment: 
OS: Windows 7 Ultimate

[ GLSA 200710-10 ] SKK Tools: Insecure temporary file creation

SKK insecurely creates temporary files.

Background
==========

SKK is a Japanese input method for Emacs.

Affected packages
=================

    -------------------------------------------------------------------

Cacti 0.8.7e: Multiple security issues

arbitrary commands on the system as the user the Cacti polling mechanism
runs as (usually a non-privileged user).

For example, it is possible to successfully spawn (and connect to) a
backdoor/remote shell on the Cacti system by changing the "Data Input
Method" for "Linux - Get Memory Usage". Setting "Input String" to
  nohup nc -l -p 6666 -n -e /bin/sh &
would spawn a remotely accessible shell whenever this handler was called
(every couple of minutes by default on my Debian test system).

Cacti developers say:

[SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising

CVE-2009-4112

It has been discovered that cacti allows authenticated administrator
users to gain access to the host system by executing arbitrary commands
via the "Data Input Method" for the "Linux - Get Memory Usage" setting.

There is no fix for this issue at this stage. Upstream will implement a
whitelist policy to only allow certain "safe" commands. For the moment,
we recommend that such access is only given to trusted users and that
the options "Data Input" and "User Administration" are otherwise
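
The DSA above says upstream intends to move to a whitelist of "safe" commands for Data Input Methods. As an added example, not part of the advisory, the DSA, or Cacti's own code, here is a small Python allowlist check of that kind: it rejects the `nohup nc -l -p 6666 -n -e /bin/sh &` Input String quoted in the Cacti 0.8.7e advisory above while accepting a stock-style entry for "Linux - Get Memory Usage". The allowed-command set, the rule that interpreters may only run scripts under `<path_cacti>/scripts/`, and the sample rows standing in for the `data_input` table are assumptions constructed for this example; only the `<field>` placeholder syntax follows Cacti's convention.

```python
import os
import re
import shlex

# --- Policy (assumptions for this example, not Cacti's shipped rules) ---
# Binaries an "Input String" may start with.
ALLOWED_ARGV0 = {"perl", "php", "python", "sh", "snmpget", "snmpwalk"}
# Interpreters whose first argument must be a script under Cacti's scripts dir.
INTERPRETERS = {"perl", "php", "python", "sh"}
SCRIPT_PREFIX = "<path_cacti>/scripts/"

# Cacti substitutes <field> placeholders such as <path_cacti> or <grep_string>
# before running the command; mask them so their angle brackets are not
# mistaken for shell redirection.
PLACEHOLDER = re.compile(r"<[A-Za-z0-9_]+>")
# Characters that let the string escape into a second command under sh -c.
SHELL_META = re.compile(r"[;&|`$<>(){}\n\\]")


def check_input_string(s):
    """Return (ok, reason) for one Data Input Method 'Input String'."""
    masked = PLACEHOLDER.sub("FIELD", s)
    m = SHELL_META.search(masked)
    if m:
        return False, "shell metacharacter %r" % m.group(0)
    try:
        argv = shlex.split(s)  # parse the original, placeholders intact
    except ValueError as e:
        return False, "unparseable: %s" % e
    if not argv:
        return False, "empty command"
    argv0 = os.path.basename(argv[0])
    if argv0 not in ALLOWED_ARGV0:
        return False, "command %r not in allowlist" % argv0
    if argv0 in INTERPRETERS:
        if len(argv) < 2 or not argv[1].startswith(SCRIPT_PREFIX):
            return False, "script must live under %s" % SCRIPT_PREFIX
    return True, "ok"


def audit_data_input_methods(rows):
    """rows: iterable of (name, input_string). Returns [(name, reason)] for failures."""
    findings = []
    for name, s in rows:
        ok, reason = check_input_string(s)
        if not ok:
            findings.append((name, reason))
    return findings


# Constructed sample rows standing in for Cacti's data_input table.
SAMPLE_ROWS = [
    ("Linux - Get Memory Usage",
     "perl <path_cacti>/scripts/linux_memory.pl <grep_string>"),   # stock-style entry
    ("Linux - Get Memory Usage (tampered)",
     "nohup nc -l -p 6666 -n -e /bin/sh &"),                        # payload from the advisory
    ("Unix - Ping Host (tampered)",
     "perl <path_cacti>/scripts/ping.pl <ip>; nc -l -p 6666 -e /bin/sh"),
    ("Local - Disk Space (tampered)",
     "perl /tmp/evil.pl <partition>"),                              # script outside scripts dir
]

if __name__ == "__main__":
    for name, reason in audit_data_input_methods(SAMPLE_ROWS):
        print("FLAGGED: %s -> %s" % (name, reason))
```

Two caveats for anyone adapting this: the check covers only the stored template string, so any `<field>` values that Cacti substitutes at poll time (for example a user-supplied `<grep_string>`) need their own validation before they reach the shell; and an allowlist of this kind is a mitigation for a trusted-administrator feature, not a substitute for limiting who holds "Data Input" and "User Administration" rights as the DSA recommends.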



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.