#VU13998 Improper input validation in Apache Ant - CVE-2018-10886

Cybersecurity Help s.r.o.

Published: 2018-07-25 | Updated: 2018-07-26

Vulnerability identifier: #VU13998

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10886

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Apache Ant
Universal components / Libraries / Libraries used by multiple products

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to create or overwrite arbitrary files on the target system.

The vulnerability exists due to the affected software allows archive files to be extracted outside of the target directory. A remote unauthenticated attacker can submit a specially crafted ZIP or TAR archive to an Ant build, trick the victim into extracting it, cause a file to be created outside the current working directory on the system and create or overwrite arbitrary files.

Mitigation
Update to version 1.9.12.

Vulnerable software versions

Apache Ant: 1.1 - 1.9.11

External links
https://github.com/apache/ant/commit/e56e54565804991c62ec76dad385d2bdda8972a7

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for ant

Amazon Linux AMI update for ant

Debian update for ant

Fedora 28 Modular update for ant

Fedora 28 update for ant

Fedora 27 update for ant