15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects


As many as 350,000 open source projects are said to be potentially vulnerable to exploitation due to a security flaw in a Python module that has gone unpatched for 15 years.

The affected open source repositories span numerous verticals, such as software development, artificial intelligence/machine learning, web development, media, security, and IT management.

The flaw, tracked as CVE-2007-4559 (CVSS score: 6.8), is rooted in the tarfile module; successful exploitation could lead to code execution from an arbitrary file write.


“The vulnerability is a path traversal attack in the extract and extractall functions of the tarfile module that allows an attacker to overwrite arbitrary files by appending the sequence ‘..’ to filenames in a TAR archive,” said Kasimir Schulz, security researcher at Trellix, in a write-up.

Originally disclosed in August 2007, the bug concerns how a specially crafted tarball can be exploited to overwrite arbitrary files on a target machine simply by opening the file.

Put simply, a malicious actor can exploit the weakness by uploading a malicious tar file in a way that escapes the directory a file is meant to be extracted to and executes code, potentially allowing the adversary to take control of a target machine.

“Never extract archives from untrusted sources without first inspecting them,” the Python documentation for tarfile reads. “It is possible that files are created outside of path, e.g. members that have absolute filenames starting with ‘/’ or filenames with two dots ‘..’.”
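The inspection the documentation asks for can be automated. The following is an added example written for this article; it is not Trellix's Creosote scanner and not code from the Python project. It resolves where each tar member would land on disk and refuses the whole archive if any member (including symlink or hard-link targets) would end up outside the extraction directory. The helper names `unsafe_members`, `safe_extractall`, `build_sample_archive`, `check_sample` and `sample_is_rejected` are hypothetical, and the archive is constructed in memory for demonstration.

```python
"""Reject tar members that would be written outside the extraction directory.

Added example for this article (not Trellix's Creosote, not Python's own
code). The archive built below is constructed inline for demonstration; the
helper names are hypothetical.
"""
import io
import os
import tarfile


def _inside(dest_real: str, path: str) -> bool:
    """True if `path` (already resolved) is `dest_real` or a descendant of it."""
    return os.path.commonpath([dest_real, path]) == dest_real


def unsafe_members(tar: tarfile.TarFile, dest: str) -> list[str]:
    """Return names of members whose extraction would escape `dest`.

    Catches the '..' traversal and absolute names described in the article,
    plus symlinks/hard links whose target would leave `dest`.
    """
    dest_real = os.path.realpath(dest)
    flagged = []
    for m in tar.getmembers():
        # os.path.join discards dest_real entirely if m.name is absolute,
        # which is exactly the condition we want to detect after realpath().
        target = os.path.realpath(os.path.join(dest_real, m.name))
        if not _inside(dest_real, target):
            flagged.append(m.name)
            continue
        if m.issym():
            # Symlink targets are relative to the link's own directory.
            link = os.path.realpath(os.path.join(os.path.dirname(target), m.linkname))
            if not _inside(dest_real, link):
                flagged.append(m.name)
        elif m.islnk():
            # Hard link targets are relative to the archive root.
            link = os.path.realpath(os.path.join(dest_real, m.linkname))
            if not _inside(dest_real, link):
                flagged.append(m.name)
    return flagged


def safe_extractall(tar: tarfile.TarFile, dest: str) -> None:
    """Extract only after every member has passed the check above."""
    bad = unsafe_members(tar, dest)
    if bad:
        raise ValueError(f"refusing to extract, unsafe members: {bad}")
    tar.extractall(dest)


def build_sample_archive() -> bytes:
    """Constructed in-memory archive: one benign file and three escape attempts."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add_file(name: str, data: bytes) -> None:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))

        add_file("pkg/README.txt", b"benign\n")
        add_file("../outside.txt", b"traversal via ..\n")   # the CVE-2007-4559 shape
        add_file("/tmp/absolute.txt", b"absolute path\n")   # absolute member name
        link = tarfile.TarInfo("pkg/escape")                # symlink pointing above dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../etc"
        tar.addfile(link)
    return buf.getvalue()


def check_sample(dest: str = "extract_here") -> list[str]:
    """Run the inspection over the constructed archive and return flagged names."""
    with tarfile.open(fileobj=io.BytesIO(build_sample_archive()), mode="r") as tar:
        return unsafe_members(tar, dest)


def sample_is_rejected(dest: str = "extract_here") -> bool:
    """True if safe_extractall refuses the constructed archive (nothing is written)."""
    with tarfile.open(fileobj=io.BytesIO(build_sample_archive()), mode="r") as tar:
        try:
            safe_extractall(tar, dest)
        except ValueError:
            return True
    return False


if __name__ == "__main__":
    print(check_sample())        # the three malicious members, benign one omitted
    print(sample_is_rejected())  # True
```

The check is done against resolved paths rather than by string-matching `..`, so encoded or nested variants (`a/../../x`, absolute names, links) are caught uniformly. On Python 3.12 and later, `tarfile.extractall` also accepts a `filter="data"` argument (PEP 706) that rejects the same classes of member; the explicit pre-check above remains useful on older interpreters and when you want to log what was rejected before deciding.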


The vulnerability is also reminiscent of a recently disclosed vulnerability in RARlab’s UnRAR utility (CVE-2022-30333) that could lead to remote code execution.

Trellix has additionally released a custom utility called Creosote to scan for projects vulnerable to CVE-2007-4559, using it to discover the vulnerability in the Spyder Python IDE as well as in Polemarch.

“Left unchecked, this vulnerability has been unwittingly added to hundreds of thousands of open- and closed-source projects worldwide, creating a substantial software supply chain attack surface,” Douglas McKee noted.

