CVE-2013-7069 Information

Description

ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary code via a (1) –pager (2) –regex or (3) –output option in a .ackrc file in a directory to be searched.

Reference

http://lists.opensuse.org/opensuse-updates/2014-01/msg00094.html http://seclists.org/oss-sec/2013/q4/484 http://secunia.com/advisories/55982 http://www.securityfocus.com/bid/64196 https://github.com/petdance/ack2/issues/399