1. Reverse Engineering >
  2. Exploits >
  3. PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte

RSS Kategorie Pfeil Exploits vom | Quelle: scip.ch Direktlink öffnen

Allgemein

scipID: 80208
Betroffen: PathTools bis 3.61
Veröffentlicht: 13.01.2016
Risiko: problematisch

Erstellt: 14.01.2016
Eintrag: 66.2% komplett

Beschreibung

Es wurde eine problematische Schwachstelle in PathTools bis 3.61 entdeckt. Dabei betrifft es die Funktion canonpath der Komponente File::Spec Module. Durch das Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle (Taint) ausgenutzt werden. Das hat Auswirkungen auf Vertraulichkeit, Integrität und Verfügbarkeit. CVE fasst zusammen:

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Die Schwachstelle wurde am 13.01.2016 publik gemacht. Die Verwundbarkeit wird unter CVE-2015-8607 geführt. Es sind zwar technische Details, jedoch kein verfügbarer Exploit zur Schwachstelle bekannt.

Ein Upgrade auf die Version 3.62 vermag dieses Problem zu beheben.

CVSS

Base Score: 4.1 (CVSS2#AV:A/AC:M/Au:S/C:P/I:P/A:P) [?]
Temp Score: 3.6 (CVSS2#E:ND/RL:OF/RC:ND) [?]

CPE

Exploiting

Klasse: Erweiterte Rechte
Lokal: Ja
Remote: Nein

Verfügbarkeit: Nein

Aktuelle Preisschätzung: $2k-$5k (0-day) / $0-$1k (Heute)

Gegenmassnahmen

Empfehlung: Upgrade
Status: Offizieller Fix
0-Day Time: 0 Tage seit gefunden

Upgrade: PathTools 3.62

Timeline

13.01.2016 | Advisory veröffentlicht
14.01.2016 | VulDB Eintrag erstellt
14.01.2016 | VulDB Eintrag aktualisiert

Quellen

CVE: CVE-2015-8607 (mitre.org) (nvd.nist.org) (cvedetails.com)

...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte






Ähnliche Beiträge

  • 1. PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte vom 4478.01 Punkte ic_school_black_18dp
    Allgemein scipID: 80208 Betroffen: PathTools bis 3.61 Veröffentlicht: 13.01.2016 Risiko: problematisch Erstellt: 14.01.2016 Eintrag: 66.2% komplett Beschreibung Es wurde eine problematische Schwachstelle in PathTools bis 3.61 entdeckt. Dabei
  • 2. Anno 1404 per wine wouldn't start vom 393.79 Punkte ic_school_black_18dp
    Hello, I'm not a very new Linux user nor am I very deep into the Unix system. I recently got a game that I'd like to play again and installed it via wine. Starting Anno 1404 I can see the ingame mouse for a second before it crashes. I run Manjaro Linux wi
  • 3. Seccomp Tools - Provide Powerful Tools For Seccomp Analysis vom 135.11 Punkte ic_school_black_18dp
    Provide powerful tools for seccomp analysis.This project is targeted to (but not limited to) analyze seccomp sandbox in CTF pwn challenges. Some features might be CTF-specific, but still useful for analyzing seccomp in real-case.Features Dump - Automatically
  • 4. Strelka - Scanning Files At Scale With Python And ZeroMQ vom 127.46 Punkte ic_school_black_18dp
    Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin's Laika BOSS and similar projects (see: related projects), Strelka's purpose is to perform
  • 5. ZIP Shotgun - Utility Script To Test Zip File Upload Functionality (And Possible Extraction Of Zip Files) For Vulnerabilities vom 105.7 Punkte ic_school_black_18dp
    Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities. Idea for this script comes from this post on Silent Signal Techblog - Compressed File Upload And Command Execution and from OWASP - Test Upload of Malicious Files This script will create archive which contains files with "../" in filename. When extracting this could cause files to be extr
  • 6. Scrounger - Mobile Application Testing Toolkit vom 99.28 Punkte ic_school_black_18dp
    Scrounger - a person who borrows from or lives off others. There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's vulnerabilities. Why Even th
  • 7. Better template support and error detection in C++ Modules with MSVC 2017 version 15.9 vom 95.1 Punkte ic_school_black_18dp
    Overview It has been a long time since we last talked about C++ Modules. We feel it is time to revisit what has been happening under the hood of MSVC for modules. The Visual C++ Team has been dedicated to pushing conformance to the standard w
  • 8. Better template support and error detection in C++ Modules with MSVC 2017 version 15.9 vom 95.1 Punkte ic_school_black_18dp
    Overview It has been a long time since we last talked about C++ Modules. We feel it is time to revisit what has been happening under the hood of MSVC for modules. The Visual C++ Team has been dedicated to pushing conformance to the standard w
  • 9. grapheneX - Automated System Hardening Framework vom 94.08 Punkte ic_school_black_18dp
    grapheneXIn computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Redu
  • 10. How to improve app design for Wear 2.0 vom 87.19 Punkte ic_school_black_18dp
    Posted by Steven Tepper, App Quality Consultant, Google Play Wear 2.0 launched back in February with added support for new hardware features in addition to adopting new Material Design themes, guidelines, and a simpler vertical UI pattern. It also in
  • 11. Scannerl - The Modular Distributed Fingerprinting Engine vom 83.29 Punkte ic_school_black_18dp
    Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap
  • 12. Nameles - Open Source Entropy Based Invalid Traffic Detection And Pre-Bid Filtering vom 83.2 Punkte ic_school_black_18dp
    Nameles provides an easy to deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. For a high level overview you might want to check out