15-Year-Old Python Bug Let Hacker Execute Code in 350k Python Projects

The Trellix Advanced Threat Research team has detected a 15-year-old bug in the Python tarfile module, tracked as CVE-2007-4559 with a CVSS score of 6.8. The vulnerability is a path traversal attack on the extract and extractall functions in the tarfile module that allows an attacker to overwrite arbitrary files. “It is sorted by file names in the tar archive,” says Trellix security researcher Casimir Schultz. After successfully exploiting the vulnerability, an attacker may be able to turn the file write into code execution.

The vulnerability report states that tar files are a collection of many different files and their metadata, which is then used when the tar file is opened. In this case, attackers can take advantage of the bug with a malicious tar file that escapes the folder into which its files are meant to be extracted, and so execute code. The tarfile module allows users to add a filter that they can use to parse and modify a file’s metadata before it is added to the TAR archive. This makes it easy for attackers to build their exploits with only a few lines of code.

“The security code could not be written to clear the participants’ files before tarfile.extract() or tarfile.extractall() was called, which leads to a vulnerability that allows the attacker to bypass access to the file system directory,” says Trellix security vulnerability researcher Charles McFarland.

According to the experts, the extract function of Python’s tarfile module explicitly trusts the information in the TarInfo object passed to it and joins the extraction path with the file name in that object, which allows an attacker to carry out a directory traversal attack through the name in the TarInfo object. Because the extractall function depends on the extract function, the experts say that extractall is also vulnerable to a directory traversal attack.
