Описание
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cabextract | fixed | 1.6-1 | package | |
| cabextract | no-dsa | jessie | package | |
| cabextract | no-dsa | wheezy | package | |
| cabextract | no-dsa | squeeze | package |
Примечания
https://www.openwall.com/lists/oss-security/2015/02/18/3
Upstream commit: http://sourceforge.net/p/libmspack/code/217
CVE assigned for issue were path traversal occurs because the unpatched
code does neither of the following: 1) checking for slashes after decoding
2) checking for ordinary slashes before decoding and prohibiting overlong
encodings
Связанные уязвимости
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.