Showing 1 - 4 of 4

CVE-2018-1000888

Status Candidate

Overview

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar file with `phar://[path_to_malicious_phar_file]` as path. Object injection can be used to trigger destruct in the loaded PHP classes, e.g. the Archive_Tar class itself. With Archive_Tar object injection, arbitrary file deletion can occur because `@unlink($this->_temp_tarname)` is called. If another class with useful gadget is loaded, it may possible to cause remote code execution that can result in files being deleted or possibly modified. This vulnerability appears to have been fixed in 1.4.4.

Related Files

Gentoo Linux Security Advisory 202006-14: Posted Jun 15, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202006-14 - A buffer overflow in the PEAR module Archive_Tar might allow local or remote attacker(s) to execute arbitrary code. Versions below 1.4.5 are affected.; tags | advisory, remote, overflow, arbitrary, local; systems | linux, gentoo; advisories | CVE-2018-1000888; SHA-256 | 64f72cb7244e378c12f60f38642177b264964ab70212fd0dd3a599d6d481054d; Download | Favorite | View

Debian Security Advisory 4378-1: Posted Jan 30, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4378-1 - Fariskhi Vidyan discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code.; tags | advisory, remote, arbitrary, php; systems | linux, debian; advisories | CVE-2018-1000888; SHA-256 | 7e4ef23ca8470300ddac7bad2d8bad6f040e2ce16dd0123ba1e84084b83ec707; Download | Favorite | View

Ubuntu Security Notice USN-3857-1: Posted Jan 15, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3857-1 - Fariskhi Vidyan discovered that PEAR Archive_Tar incorrectly handled certain archive paths. A remote attacker could possibly use this issue to execute arbitrary code.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2018-1000888; SHA-256 | 1d5566ce471b7460908ec1e4e46ec21960e749406646a4ae8f31b0ce933d9dd8; Download | Favorite | View

PEAR Archive_Tar PHP Object Injection: Posted Jan 10, 2019; Authored by farisv; PEAR Archive_Tar versions prior to 1.4.4 suffers from a php object injection vulnerability.; tags | exploit, php; advisories | CVE-2018-1000888; SHA-256 | cad5188ebafd78a5e0e10621a684eddce0406c02de57368d07686cc16c02a522; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
indoushka 159 files
Jay Turla 150 files
Ubuntu 65 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2018-1000888

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems