Short Bytes: A team of researchers has found an exploit in Red Star OS 3, the Linux-based operating system created by North Korea. After a user clicks on a hyperlink, they can install malware on the machine, gain access to the computer and remotely execute commands.
North Korea built its own Linux distro, which has been dubbed the worst Linux distro ever. A security firm known as Hacker House has found a vulnerability that can compromise Red Star OS 3 using a malicious link.
The default web browser on Red Star OS is Naenara, which is based on Mozilla Firefox and serves as a window to North Korea’s internet of just 28 websites. The browser can be used to take advantage of a client-side remote exploit: malware is installed via a hyperlink clicked by the user, giving the attacker access to the system.
The attack can be used for arbitrary remote code injection.
The team said that, while searching for vulnerabilities, they found that registered URL handlers were automatically passed to a command-line application called ‘/usr/bin/nnrurlshow’.
“This application (aside from having null ptr de-refs and other cute bugs) takes URI arguments for registered URI handlers when handling application requests such as “mailto” and “cal”. Naenara doesn’t sanitize the command line when handling these URI argument requests and as such you can trivially obtain code execution by passing malformed links to the nnrurlshow binary,” wrote the team.
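The class of bug the team describes, with the defensive counterpart, as an added example (not code from Hacker House, Naenara or Red Star OS). The handler path comes from the article; the function names, the scheme allowlist, the length cap and the assumption that the command line is built as a shell-parsed string are illustrative.

```python
import re
from urllib.parse import urlsplit

# Handler path is the one named in the article. The scheme allowlist, length
# cap and character allowlist are assumptions made for this example.
HANDLER = "/usr/bin/nnrurlshow"
ALLOWED_SCHEMES = {"mailto", "cal"}
MAX_LEN = 2048
# URI characters only: no whitespace, quotes, ';', '|', '$', backticks, etc.
SAFE_URI = re.compile(r"[A-Za-z0-9._~@:/?&=%+,-]+")

def unsafe_command_line(uri: str) -> str:
    """Anti-pattern (assumed shape of the bug): the link is spliced into one
    string that a shell re-parses, so its metacharacters become syntax."""
    return f"{HANDLER} {uri}"

def build_handler_argv(uri: str) -> list:
    """Validate a link and return an argv list for exec without a shell."""
    if len(uri) > MAX_LEN:
        raise ValueError("URI too long")
    if not SAFE_URI.fullmatch(uri):
        raise ValueError("character outside URI allowlist")
    scheme = urlsplit(uri).scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError("scheme is not a registered handler")
    # One link == one argv element; run with subprocess.run(argv, shell=False).
    return [HANDLER, uri]

def verdict(uri: str) -> str:
    """Return 'ok' or the reason the link was refused."""
    try:
        build_handler_argv(uri)
        return "ok"
    except ValueError as exc:
        return str(exc)

# Constructed sample links, not taken from the Hacker House write-up.
SAMPLES = [
    "mailto:user@example.com?subject=hello",
    "mailto:user@example.com; echo injected",
    "http://example.com/",
    "-h",
]

if __name__ == "__main__":
    for uri in SAMPLES:
        print(f"{verdict(uri):36} {uri!r}")
```

Validation limits what reaches the handler, but it does not repair defects inside the handler binary itself.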