15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects
As many as 350,000 open source projects are believed to be potentially vulnerable to exploitation as a result of a security flaw in a Python module that has remained unpatched for 15 years.
"The vulnerability is a path traversal attack in the extract and extractall functions in the tarfile module that allow an attacker to overwrite arbitrary files by adding the '..' sequence to filenames in a TAR archive," Trellix security researcher Kasimir Schulz said in a writeup.
Put simply, a threat actor can exploit the weakness by uploading a malicious tarfile in a manner that makes it possible to escape the directory that a file is intended to be extracted to and achieve code execution, allowing the adversary to potentially seize control of a target device.
The vulnerability is also reminiscent of a recently disclosed vulnerability in RARlab's UnRAR utility that could lead to remote code execution.
Trellix has further released a custom utility called Creosote to scan for projects vulnerable to CVE-2007-4559, using it to uncover the vulnerability in the Spyder Python IDE as well as Polemarch.
"Left unchecked, this vulnerability has been unintentionally added to hundreds of thousands of open- and closed-source projects worldwide, creating a substantial software supply chain attack surface," Douglas McKee noted.
News URL
https://thehackernews.com/2022/09/15-year-old-unpatched-python.html
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-08-28 | CVE-2007-4559 | Path Traversal vulnerability in Python: Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. | 0.0 |