The flaw, that remained hidden for years, could be exploited by attackers to execute arbitrary code on the vulnerable systems.
The Zip Slip is an arbitrary file overwrite vulnerability that could be triggered with a directory traversal attack while extracting files from an archive,
Unfortunately, the flaw affects many archive formats, including tar, jar, war, cpio, apk, rar, and 7z.
“Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution.” states the blog post published by the experts.
“It was discovered and responsibly disclosed by the Snyk Security team ahead of a public disclosure on 5th June 2018, and affects thousands of projects, including ones from HP, Amazon, Apache, Pivotal and many more (CVEs and full list here).”
Thousands of projects written in several programming languages (i.e. JavaScript, Ruby, Java, .NET and Go) from tech giants include vulnerable libraries and codes.
Once a vulnerable code o library has extracted the content of the archive, it would allow attackers to unarchive malicious files outside of the folder where it should reside.
“The premise of the directory traversal vulnerability is that an attacker can gain access to parts of the file system outside of the target folder in which they should reside. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine.” continues the analysis.
“The vulnerability can also cause damage by overwriting configuration files or other sensitive resources, and can be exploited on both client (user) machines and servers.”
The researchers published proof-of-concept Zip Slip archives and released a video PoC for the Zip Slip flaw.
Experts shared two sample examples of malicious zip and tar files (for both Unix and windows files systems) with filenames that extract a file to the /tmp/ or \Temp\ folders
Since April, Snyk privately reported the flaw to the maintainers of all vulnerable libraries and projects, it is maintaining a GitHub repository listing all flawed projects. The repository is open to contributions from the wider community to ensure it holds the most up to date status.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Zip Slip, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog.…
A bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature…
SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and…
Operation Destabilise: The U.K. National Crime Agency disrupted Russian money laundering networks tied to organized…
Russia-linked APT group Secret Blizzard has used the tools and infrastructure of at least 6…
China-linked APT group Salt Typhoon has breached telecommunications companies in dozens of countries, US govt…
This website uses cookies.