SB2019050638 - Exposed dangerous method or function in python2-tkinter (Alpine package)
Published: May 6, 2019
Description
This security bulletin contains information about 1 security vulnerability.
1) Exposed dangerous method or function (CVE-ID: CVE-2019-9948)
The vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists because the urllib implementation in Python 2.x supports the local_file: scheme. An attacker able to control input data, such as a URL, can bypass protection mechanisms that blacklist file: URIs and view the contents of arbitrary files on the system.
PoC:
urllib.urlopen('local_file:///etc/passwd')
Remediation
Install update from vendor's website.
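Added example (not from the bulletin or from the Alpine or Python projects): why a scheme blacklist of the kind described above is the wrong mitigation and a scheme allowlist is the right one. It assumes Python 3's urllib.parse for the validator side, and the regex is modelled on the one urllib's splittype() uses to pick its open_<scheme> handler.

```python
import re
from urllib.parse import urlparse

# Modelled on urllib's splittype() regex: anything before the first ':' that
# contains no '/' is treated as a scheme, so "local_file" selects a handler
# even though '_' is not a valid scheme character under RFC 3986.
_HANDLER_SCHEME = re.compile(r"^([^/:]+):")

BLOCKED_SCHEMES = {"file"}           # the denylist the bulletin says is bypassed
ALLOWED_SCHEMES = {"http", "https"}  # allowlist: only what the application needs


def handler_scheme(url):
    """Scheme as the fetcher's handler lookup sees it ('' if none)."""
    m = _HANDLER_SCHEME.match(url)
    return m.group(1).lower() if m else ""


def parser_scheme(url):
    """Scheme as urlparse() sees it. RFC scheme chars exclude '_', so the
    PoC URL yields '' here: the validator and the fetcher disagree."""
    return urlparse(url).scheme.lower()


def passes_denylist(url):
    """Weak check: reject only a known-bad scheme, let everything else through.
    local_file is neither '' nor 'file' in either view, so it passes."""
    return parser_scheme(url) not in BLOCKED_SCHEMES


def passes_allowlist(url):
    """Robust check: accept only schemes the application needs; unknown or
    unparseable schemes (including local_file) are rejected by default."""
    return parser_scheme(url) in ALLOWED_SCHEMES


# Constructed sample inputs: the bulletin's PoC URL, a plain file: URL, a web URL.
SAMPLE_URLS = ["local_file:///etc/passwd", "file:///etc/passwd",
               "https://example.com/data.json"]


def evaluate(urls=SAMPLE_URLS):
    """Return per-URL: handler scheme, parser scheme, denylist and allowlist verdicts."""
    return {u: {"handler": handler_scheme(u), "parser": parser_scheme(u),
                "denylist": passes_denylist(u), "allowlist": passes_allowlist(u)}
            for u in urls}


if __name__ == "__main__":
    for url, r in evaluate().items():
        print(f"{url:30s} handler={r['handler']!r:13s} parser={r['parser']!r:8s} "
              f"denylist_passes={r['denylist']} allowlist_passes={r['allowlist']}")
```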
References
- https://git.alpinelinux.org/aports/commit/?id=fa23adfbfb1cbac13db3251e811e4e0773e8b6b8
- https://git.alpinelinux.org/aports/commit/?id=5372bc29f308df62681eb2d705259cd5cc9b5448
- https://git.alpinelinux.org/aports/commit/?id=c01f27f5016fb801d36ffea67177a9f2f6b6f784
- https://git.alpinelinux.org/aports/commit/?id=881a54816216d011d1d27286df2693851c86caef
- https://git.alpinelinux.org/aports/commit/?id=40a4951871b0a2e718de6a07e0772730fc280d06
- https://git.alpinelinux.org/aports/commit/?id=e9bd8a37793b2737c60e8aabb4e30540de6420cc
- https://git.alpinelinux.org/aports/commit/?id=9c34a237cf52d34f870ec322b8a00a19f72b4616
- https://git.alpinelinux.org/aports/commit/?id=63295e4a667669a5dadf360d6a5e0d3ca67af2c1
- https://git.alpinelinux.org/aports/commit/?id=9b8d163f3a9143f9623a5320355ce9901a8f0feb
- https://git.alpinelinux.org/aports/commit/?id=2757235ef94f59233d2dc36eff13adabb4b91306
- https://git.alpinelinux.org/aports/commit/?id=7c21d88133f9983684374fb245b39b92e0bef5b8