Showing 1 - 4 of 4

CVE-2018-1000888

Status Candidate

Overview

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar file with `phar://[path_to_malicious_phar_file]` as path. Object injection can be used to trigger destruct in the loaded PHP classes, e.g. the Archive_Tar class itself. With Archive_Tar object injection, arbitrary file deletion can occur because `@unlink($this->_temp_tarname)` is called. If another class with useful gadget is loaded, it may possible to cause remote code execution that can result in files being deleted or possibly modified. This vulnerability appears to have been fixed in 1.4.4.

Related Files

Gentoo Linux Security Advisory 202006-14: Posted Jun 15, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202006-14 - A buffer overflow in the PEAR module Archive_Tar might allow local or remote attacker(s) to execute arbitrary code. Versions below 1.4.5 are affected.; tags | advisory, remote, overflow, arbitrary, local; systems | linux, gentoo; advisories | CVE-2018-1000888; SHA-256 | 64f72cb7244e378c12f60f38642177b264964ab70212fd0dd3a599d6d481054d; Download | Favorite | View

Debian Security Advisory 4378-1: Posted Jan 30, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4378-1 - Fariskhi Vidyan discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code.; tags | advisory, remote, arbitrary, php; systems | linux, debian; advisories | CVE-2018-1000888; SHA-256 | 7e4ef23ca8470300ddac7bad2d8bad6f040e2ce16dd0123ba1e84084b83ec707; Download | Favorite | View

Ubuntu Security Notice USN-3857-1: Posted Jan 15, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3857-1 - Fariskhi Vidyan discovered that PEAR Archive_Tar incorrectly handled certain archive paths. A remote attacker could possibly use this issue to execute arbitrary code.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2018-1000888; SHA-256 | 1d5566ce471b7460908ec1e4e46ec21960e749406646a4ae8f31b0ce933d9dd8; Download | Favorite | View

PEAR Archive_Tar PHP Object Injection: Posted Jan 10, 2019; Authored by farisv; PEAR Archive_Tar versions prior to 1.4.4 suffers from a php object injection vulnerability.; tags | exploit, php; advisories | CVE-2018-1000888; SHA-256 | cad5188ebafd78a5e0e10621a684eddce0406c02de57368d07686cc16c02a522; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2018-1000888

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems