Path traversal in archiver

#VU77963 Path traversal in archiver

Published: 2023-07-05

Vulnerability identifier: #VU77963

Vulnerability risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2019-10743

CWE-ID: CWE-22

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
archiver
Other software / Other software solutions

Vendor: mholt (Matt Holt)

Description

The vulnerability allows a local attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A local attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

archiver: 3.3.0 - 3.3.1

External links
http://github.com/mholt/archiver/pull/169
http://snyk.io/research/zip-slip-vulnerability
http://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMHOLTARCHIVERCMDARC-174728
http://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMHOLTARCHIVERCMDARC-174728,

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data