TU Berlin

Office of Communication, Events and AlumniMedia Information No. 46 E

Page Content

to Navigation

TU Berlin Researchers Discover Vulnerability in Sharelatex

Monday, 02. March 2015

Media Information No. 46E/2015

In early January 2015 researchers of Prof. Dr. Jean-Pierre Seifert's chair of Security in Telecommunications at the Institute of Software-Engineering and Theoretical Computer Science discovered two vulnerabilities in Sharelatex[0]. Sharelatex is a software used for the collaborative creation of scientific documents. It is utilized by scientists in many research institutes around the world, including Ivy-League Universities and NASA. The open-source version found its way to further research institutes with national and international reputation.

Prof. Dr. Seifert's group demonstrated that the underlying text-processing software allows an attacker to read arbitrary files on an affected server. Even though this already constitutes a dramatic error on systems harboring future scientific publications, they found a second vulnerability that allows attackers to execute arbitrary code on the server.

In coordination with cert.org these issues were directly communicated to the developers of Sharelatex, who immediately patched the vulnerabilities. To allow all affected parties to secure their systems, it was decided to postpone publication until today, 2nd of March 2015. At the same time sharelatex publishes version 0.1.3 of their software, which includes the necessary patches.

Technical Details:
Arbitrary file read was possible via the LaTeX-command "\include{}", and the vulnerability is tracked as CVE-2015-0933. Remote Code Execution was possible via filenames of the form "`command`.tex" and is tracked as CVE-2015-0934.

bk

For further information please contact:

Prof. Dr. Jean-Pierre Seifert
TU Berlin
Chair of Security in Telecommunications
Tel.: 030/8353-58481

Navigation

Quick Access

Schnellnavigation zur Seite über Nummerneingabe