Amazon Linux AMI update for ant

Published: 2018-07-26

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2018-10886
CWE-ID	CWE-20
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Amazon Linux AMI Operating systems & Components / Operating system
Vendor	Amazon Web Services

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper input validation

EUVDB-ID: #VU13998

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10886

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to create or overwrite arbitrary files on the target system.

The vulnerability exists due to the affected software allows archive files to be extracted outside of the target directory. A remote unauthenticated attacker can submit a specially crafted ZIP or TAR archive to an Ant build, trick the victim into extracting it, cause a file to be created outside the current working directory on the system and create or overwrite arbitrary files.

Mitigation

Update the affected packages.

noarch:
    ant-javadoc-1.8.3-1.14.amzn1.noarch
    ant-commons-net-1.8.3-1.14.amzn1.noarch
    ant-commons-logging-1.8.3-1.14.amzn1.noarch
    ant-antlr-1.8.3-1.14.amzn1.noarch
    ant-apache-oro-1.8.3-1.14.amzn1.noarch
    ant-apache-resolver-1.8.3-1.14.amzn1.noarch
    ant-1.8.3-1.14.amzn1.noarch
    ant-scripts-1.8.3-1.14.amzn1.noarch
    ant-testutil-1.8.3-1.14.amzn1.noarch
    ant-swing-1.8.3-1.14.amzn1.noarch
    ant-manual-1.8.3-1.14.amzn1.noarch
    ant-jdepend-1.8.3-1.14.amzn1.noarch
    ant-apache-bsf-1.8.3-1.14.amzn1.noarch
    ant-apache-xalan2-1.8.3-1.14.amzn1.noarch
    ant-jmf-1.8.3-1.14.amzn1.noarch
    ant-javamail-1.8.3-1.14.amzn1.noarch
    ant-apache-log4j-1.8.3-1.14.amzn1.noarch
    ant-apache-bcel-1.8.3-1.14.amzn1.noarch
    ant-jsch-1.8.3-1.14.amzn1.noarch
    ant-junit-1.8.3-1.14.amzn1.noarch
    ant-apache-regexp-1.8.3-1.14.amzn1.noarch

src:
    ant-1.8.3-1.14.amzn1.src

Vulnerable software versions

Amazon Linux AMI: All versions

CPE2.3

cpe:2.3:o:amazon_web_services:amazon_linux_ami:*:*:*:*:*:*:*:*

External links

https://alas.aws.amazon.com/ALAS-2018-1047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.