KGB Archiver Hostile Destination Path Vulnerability
BID: 17363
Info
| Bugtraq ID: | 17363 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 14 2006 12:00AM |
| Updated: | Apr 04 2006 06:43PM |
| Credit: | Joxean Koret is credited with the discovery of this vulnerability. |
| Vulnerable: | KGB KGB Archiver 1.1.5.21 |
| Not Vulnerable: | KGB KGB Archiver 1.1.5.22 |
Discussion
KGB Archiver contains a vulnerability in the handling of pathnames stored for archived files: the pathname recorded in the archive is used as the extraction target without being checked against the destination directory.
By storing a path for an archived item that points outside the expected destination directory (for example, one containing '..' components or an absolute path), the creator of the archive can cause the file to be extracted to an arbitrary location on the filesystem, possibly including directories that hold system binaries or other sensitive or confidential information.
Presumably, an attacker could use this to create or overwrite binaries in any desired location, with the privileges of the user who runs the extraction.
Version 1.1.5.21 and prior are vulnerable.
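The check that was missing is shown below as an added example; it is not code from KGB Archiver or from the SecurityFocus entry, and the archive listing, the function names and the temp-directory layout are assumptions made for the illustration. The entry name is reduced to a relative path (slashes and backslashes treated alike), absolute paths, drive letters and any '..' that would climb above the destination are refused, and the joined path is checked a second time with os.path.commonpath before anything is written.

```python
import os
import tempfile


class UnsafeEntryError(ValueError):
    """Raised for an archive entry whose name would land outside the destination."""


def normalize_entry(name: str) -> str:
    """Reduce an archive entry name to a relative, separator-normalized path.

    Backslashes and slashes are treated alike because archives written on
    Windows commonly carry backslashes. Absolute paths, drive letters, UNC
    prefixes and any '..' that would climb above the root are rejected.
    """
    unified = name.replace("\\", "/")
    if unified.startswith("/"):
        raise UnsafeEntryError(f"absolute or UNC path in entry: {name!r}")
    if len(unified) >= 2 and unified[1] == ":" and unified[0].isalpha():
        raise UnsafeEntryError(f"drive letter in entry: {name!r}")
    parts = []
    for component in unified.split("/"):
        if component in ("", "."):
            continue
        if component == "..":
            if not parts:
                raise UnsafeEntryError(f"entry climbs above destination: {name!r}")
            parts.pop()
            continue
        parts.append(component)
    if not parts:
        raise UnsafeEntryError(f"entry name is empty after normalization: {name!r}")
    return "/".join(parts)


def safe_extract_path(dest_dir: str, entry_name: str) -> str:
    """Return the absolute file path for entry_name, or raise UnsafeEntryError."""
    relative = normalize_entry(entry_name)
    dest_abs = os.path.abspath(dest_dir)
    target = os.path.abspath(os.path.join(dest_abs, *relative.split("/")))
    # Second, independent check on the joined path: it must stay under dest_abs.
    if os.path.commonpath([dest_abs, target]) != dest_abs:
        raise UnsafeEntryError(f"entry resolves outside destination: {entry_name!r}")
    return target


def is_safe_entry(entry_name: str, dest_dir: str = "out") -> bool:
    """True when entry_name would be extracted inside dest_dir."""
    try:
        safe_extract_path(dest_dir, entry_name)
    except UnsafeEntryError:
        return False
    return True


def extract_entries(dest_dir, entries):
    """Write (name, data) pairs under dest_dir, skipping hostile names.

    Returns (written_paths, rejected) where rejected holds (name, reason).
    """
    written, rejected = [], []
    for name, data in entries:
        try:
            path = safe_extract_path(dest_dir, name)
        except UnsafeEntryError as exc:
            rejected.append((name, str(exc)))
            continue
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
        written.append(path)
    return written, rejected


# Constructed sample archive listing (not a real KGB archive): the names are
# what a hostile archive author would embed to reach outside the destination.
SAMPLE_ENTRIES = [
    ("docs/readme.txt", b"benign file"),
    ("sub/../flat.txt", b"dot-dot that stays inside"),
    ("../../evil.exe", b"climbs out with slashes"),
    ("..\\..\\Windows\\system32\\evil.exe", b"climbs out with backslashes"),
    ("/etc/cron.d/evil", b"absolute path"),
    ("C:\\Windows\\notepad.exe", b"drive letter"),
]


def demo():
    """Extract SAMPLE_ENTRIES into a fresh temp dir; return what was written and what was refused."""
    dest = tempfile.mkdtemp(prefix="kgb_extract_")
    written, rejected = extract_entries(dest, SAMPLE_ENTRIES)
    written_rel = [os.path.relpath(p, dest).replace(os.sep, "/") for p in written]
    return written_rel, [name for name, _ in rejected]


if __name__ == "__main__":
    ok, refused = demo()
    print("written:", ok)
    print("refused:", refused)
```

The lexical check alone is enough for the pathname problem described here; it does not cover an archive format that can store symbolic links, where a later entry could be written through a link extracted earlier, so an extractor for such a format also needs to refuse or re-check link targets.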
Exploit / POC
An exploit is not required; an archive containing an entry whose stored pathname points outside the destination directory is sufficient.
Solution / Fix
Solution:
The vendor has released version 1.1.5.22 to address this issue.
KGB KGB Archiver 1.1.5 21
- kgb_arch_win_gui_v1.1.5.22.exe: http://prdownloads.sourceforge.net/kgbarchiver/kgb_arch_win_gui_v1.1.5.22.exe
References
References:
- KGB Archiver version History: Version 1.1.5.22 (KGB Archiver)
- KGB Archiver Web Site (KGB Archiver)