logo
 
  1. Reverse Engineering >
  2. Exploits >
  3. PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte


Exploits vom | Direktlink: scip.ch Nachrichten Bewertung

Allgemein

scipID: 80208
Betroffen: PathTools bis 3.61
Veröffentlicht: 13.01.2016
Risiko: problematisch

Erstellt: 14.01.2016
Eintrag: 66.2% komplett

Beschreibung

Es wurde eine problematische Schwachstelle in PathTools bis 3.61 entdeckt. Dabei betrifft es die Funktion canonpath der Komponente File::Spec Module. Durch das Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle (Taint) ausgenutzt werden. Das hat Auswirkungen auf Vertraulichkeit, Integrität und Verfügbarkeit. CVE fasst zusammen:

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Die Schwachstelle wurde am 13.01.2016 publik gemacht. Die Verwundbarkeit wird unter CVE-2015-8607 geführt. Es sind zwar technische Details, jedoch kein verfügbarer Exploit zur Schwachstelle bekannt.

Ein Upgrade auf die Version 3.62 vermag dieses Problem zu beheben.

CVSS

Base Score: 4.1 (CVSS2#AV:A/AC:M/Au:S/C:P/I:P/A:P) [?]
Temp Score: 3.6 (CVSS2#E:ND/RL:OF/RC:ND) [?]

CPE

Exploiting

Klasse: Erweiterte Rechte
Lokal: Ja
Remote: Nein

Verfügbarkeit: Nein

Aktuelle Preisschätzung: $2k-$5k (0-day) / $0-$1k (Heute)

Gegenmassnahmen

Empfehlung: Upgrade
Status: Offizieller Fix
0-Day Time: 0 Tage seit gefunden

Upgrade: PathTools 3.62

Timeline

13.01.2016 | Advisory veröffentlicht
14.01.2016 | VulDB Eintrag erstellt
14.01.2016 | VulDB Eintrag aktualisiert

Quellen

CVE: CVE-2015-8607 (mitre.org) (nvd.nist.org) (cvedetails.com)

...

http://www.scip.ch/?vuldb.80208

Externe Webseite mit kompletten Inhalt öffnen

Kommentiere zu PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte






➤ Ähnliche Beiträge

  • 1.

    PathTools bis 3.61 File::Spec Module canonpath erweiterte Rechte

    vom 4452.58 Punkte ic_school_black_18dp
    Allgemein scipID: 80208 Betroffen: PathTools bis 3.61 Veröffentlicht: 13.01.2016 Risiko: problematisch Erstellt: 14.01.2016 Eintrag: 66.2% komplett Beschreibung Es wurde eine problematische Schwachstelle in PathTools bis 3.61 entdeckt. Dabe
  • 2.

    Anno 1404 per wine wouldn't start

    vom 380.44 Punkte ic_school_black_18dp
    Hello, I'm not a very new Linux user nor am I very deep into the Unix system. I recently got a game that I'd like to play again and installed it via wine. Starting Anno 1404 I can see the ingame mouse for a second before it crashes. I run Manjaro Linux w
  • 3.

    Seccomp Tools - Provide Powerful Tools For Seccomp Analysis

    vom 129.87 Punkte ic_school_black_18dp
    Provide powerful tools for seccomp analysis.This project is targeted to (but not limited to) analyze seccomp sandbox in CTF pwn challenges. Some features might be CTF-specific, but still useful for analyzing seccomp in real-case.Features Dump - Automaticall
  • 4.

    HPR2948: Testing with Haskell

    vom 127.03 Punkte ic_school_black_18dp
    Intro I have liked writing automated tests for a long time, so it’s not a surprise that I end up writing them in Haskell too. This is very broad topic, so this episode only scratches the surface. HSpec HSpec is testing framework that automaticall
  • 5.

    Strelka - Scanning Files At Scale With Python And ZeroMQ

    vom 115.82 Punkte ic_school_black_18dp
    Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin's Laika BOSS and similar projects (see: related projects), Strelka's purpose is to perfor
  • 6.

    ZIP Shotgun - Utility Script To Test Zip File Upload Functionality (And Possible Extraction Of Zip Files) For Vulnerabilities

    vom 96.05 Punkte ic_school_black_18dp
    Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities. Idea for this script comes from this post on Silent Signal Techblog - Compressed File Upload And Command Execution and from OWASP - Test Upload of Malicious Files This script will create archive which contains files with "../" in filename. When extracting this could cause files to be ext
  • 7.

    Scrounger - Mobile Application Testing Toolkit

    vom 94.61 Punkte ic_school_black_18dp
    Scrounger - a person who borrows from or lives off others. There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's vulnerabilities. Why Even t
  • 8.

    AutoMacTC - Automated Mac Forensic Triage Collector

    vom 93.13 Punkte ic_school_black_18dp
    This is a modular forensic triage collection framework designed to access various forensic artifacts on macOS, parse them, and present them in formats viable for analysis. The output may provide valuable insights for incident response in a macOS environmen
  • 9.

    Better template support and error detection in C++ Modules with MSVC 2017 version 15.9

    vom 91.65 Punkte ic_school_black_18dp
    Overview It has been a long time since we last talked about C++ Modules. We feel it is time to revisit what has been happening under the hood of MSVC for modules. The Visual C++ Team has been dedicated to pushing conformance to the standard 
  • 10.

    Better template support and error detection in C++ Modules with MSVC 2017 version 15.9

    vom 91.65 Punkte ic_school_black_18dp
    Overview It has been a long time since we last talked about C++ Modules. We feel it is time to revisit what has been happening under the hood of MSVC for modules. The Visual C++ Team has been dedicated to pushing conformance to the standard 
  • 11.

    grapheneX - Automated System Hardening Framework

    vom 90.31 Punkte ic_school_black_18dp
    grapheneXIn computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Red
  • 12.

    How to improve app design for Wear 2.0

    vom 84.69 Punkte ic_school_black_18dp
    Posted by Steven Tepper, App Quality Consultant, Google Play Wear 2.0 launched back in February with added support for new hardware features in addition to adopting new Material Design themes, guidelines, and a simpler vertical UI pattern. It also i