CVE-2017-20229

Name of the Vulnerable Software and Affected Versions MAWK versions 1.3.3-17 and earlier

Description MAWK versions 1.3.3-17 and prior contain a stack-based buffer overflow that allows attackers to execute arbitrary code. This is due to inadequate boundary checks on user-supplied input. Attackers can create malicious input that overflows the stack buffer and execute a return-oriented programming chain to spawn a shell with application privileges.

Recommendations Update MAWK to a version later than 1.3.3-17.