1. Reverse Engineering >
  2. Exploits >
  3. PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte

RSS Kategorie Pfeil Exploits vom | Quelle: scip.ch Direktlink öffnen

Allgemein

scipID: 80208
Betroffen: PathTools bis 3.61
Veröffentlicht: 13.01.2016
Risiko: problematisch

Erstellt: 14.01.2016
Eintrag: 66.2% komplett

Beschreibung

Es wurde eine problematische Schwachstelle in PathTools bis 3.61 entdeckt. Dabei betrifft es die Funktion canonpath der Komponente File::Spec Module. Durch das Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle (Taint) ausgenutzt werden. Das hat Auswirkungen auf Vertraulichkeit, Integrität und Verfügbarkeit. CVE fasst zusammen:

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Die Schwachstelle wurde am 13.01.2016 publik gemacht. Die Verwundbarkeit wird unter CVE-2015-8607 geführt. Es sind zwar technische Details, jedoch kein verfügbarer Exploit zur Schwachstelle bekannt.

Ein Upgrade auf die Version 3.62 vermag dieses Problem zu beheben.

CVSS

Base Score: 4.1 (CVSS2#AV:A/AC:M/Au:S/C:P/I:P/A:P) [?]
Temp Score: 3.6 (CVSS2#E:ND/RL:OF/RC:ND) [?]

CPE

Exploiting

Klasse: Erweiterte Rechte
Lokal: Ja
Remote: Nein

Verfügbarkeit: Nein

Aktuelle Preisschätzung: $2k-$5k (0-day) / $0-$1k (Heute)

Gegenmassnahmen

Empfehlung: Upgrade
Status: Offizieller Fix
0-Day Time: 0 Tage seit gefunden

Upgrade: PathTools 3.62

Timeline

13.01.2016 | Advisory veröffentlicht
14.01.2016 | VulDB Eintrag erstellt
14.01.2016 | VulDB Eintrag aktualisiert

Quellen

CVE: CVE-2015-8607 (mitre.org) (nvd.nist.org) (cvedetails.com)

...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte






Ähnliche Beiträge

  • 1. PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte vom 4094.43 Punkte ic_school_black_18dp
    Allgemein scipID: 80208 Betroffen: PathTools bis 3.61 Veröffentlicht: 13.01.2016 Risiko: problematisch Erstellt: 14.01.2016 Eintrag: 66.2% komplett Beschreibung Es wurde eine problematische Schwachstelle in PathTools bis 3.61 entdeckt. Dabei
  • 2. Anno 1404 per wine wouldn't start vom 498.98 Punkte ic_school_black_18dp
    Hello, I'm not a very new Linux user nor am I very deep into the Unix system. I recently got a game that I'd like to play again and installed it via wine. Starting Anno 1404 I can see the ingame mouse for a second before it crashes. I run Manjaro Linux wi
  • 3. Strelka - Scanning Files At Scale With Python And ZeroMQ vom 129.44 Punkte ic_school_black_18dp
    Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin's Laika BOSS and similar projects (see: related projects), Strelka's purpose is to perform
  • 4. Scrounger - Mobile Application Testing Toolkit vom 120.09 Punkte ic_school_black_18dp
    Scrounger - a person who borrows from or lives off others. There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's vulnerabilities. Why Even th
  • 5. Better template support and error detection in C++ Modules with MSVC 2017 version 15.9 vom 119.51 Punkte ic_school_black_18dp
    Overview It has been a long time since we last talked about C++ Modules. We feel it is time to revisit what has been happening under the hood of MSVC for modules. The Visual C++ Team has been dedicated to pushing conformance to the standard w
  • 6. Better template support and error detection in C++ Modules with MSVC 2017 version 15.9 vom 119.51 Punkte ic_school_black_18dp
    Overview It has been a long time since we last talked about C++ Modules. We feel it is time to revisit what has been happening under the hood of MSVC for modules. The Visual C++ Team has been dedicated to pushing conformance to the standard w
  • 7. ZIP Shotgun - Utility Script To Test Zip File Upload Functionality (And Possible Extraction Of Zip Files) For Vulnerabilities vom 107.34 Punkte ic_school_black_18dp
    Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities. Idea for this script comes from this post on Silent Signal Techblog - Compressed File Upload And Command Execution and from OWASP - Test Upload of Malicious Files This script will create archive which contains files with "../" in filename. When extracting this could cause files to be extr
  • 8. Nameles - Open Source Entropy Based Invalid Traffic Detection And Pre-Bid Filtering vom 105.59 Punkte ic_school_black_18dp
    Nameles provides an easy to deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. For a high level overview you might want to check out
  • 9. How to improve app design for Wear 2.0 vom 104.45 Punkte ic_school_black_18dp
    Posted by Steven Tepper, App Quality Consultant, Google Play Wear 2.0 launched back in February with added support for new hardware features in addition to adopting new Material Design themes, guidelines, and a simpler vertical UI pattern. It also in
  • 10. Scannerl - The Modular Distributed Fingerprinting Engine vom 97.42 Punkte ic_school_black_18dp
    Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap
  • 11. [SA-CONTRIB-2016-040] Specially crafted requests allow arbitrary PHP execution vom 91.82 Punkte ic_school_black_18dp
    RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows an attacker to send specially crafted requests resulting in arbitrary PHP execution. There are no mitigating factors. This vulne
  • 12. [SA-CONTRIB-2016-039] Arbitrary PHP code execution vom 82.78 Punkte ic_school_black_18dp
    The Coder module checks your Drupal code against coding standards and other best practices. It can also fix coding standard violations and perform basic upgrades on modules. The module doesn't sufficiently validate user inputs in a script file that h