IZArc Hostile Destination Path Vulnerability
BID:17664
Info
| Bugtraq ID: | 17664 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 24 2006 12:00AM |
| Updated: | Apr 24 2006 08:36PM |
| Credit: | Claus Berghamer is credited with the discovery of this vulnerability. |
| Vulnerable: | Ivan Zahariev IZArc 3.5 beta 3 |
| Not Vulnerable: | |
Discussion
IZArc does not properly validate the pathnames stored for files within an archive before extracting them.
By giving an archived item a path that points outside the expected destination directory, the creator of the archive can cause that file to be extracted to an arbitrary location on the filesystem, potentially including directories that hold system binaries or other sensitive or confidential data.
Presumably, an attacker could use this to create or overwrite binaries in any desired location, using the privileges of the user who runs the extraction.
Version 3.5 beta 3 is vulnerable; other versions may also be affected.
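As an added defender-side example (not code from the advisory or from IZArc), the following Python routine shows the check an archiver should perform: each entry's stored path is normalized and tested for containment in the chosen destination directory before anything is written. The archive it extracts is constructed inline and its entry names are illustrative only.

```python
import io
import os
import posixpath
import tempfile
import zipfile

def is_safe_entry(dest_dir, entry_name):
    """Return True only if the archive entry would be written inside dest_dir."""
    # Windows archivers accept backslashes in entry names; treat both separators alike.
    name = entry_name.replace("\\", "/")
    # Reject absolute POSIX paths, UNC paths (//host/share) and drive letters (C:...).
    if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
        return False
    # normpath collapses "a/../b" and "./x" but leaves a leading ".." in place.
    normalized = posixpath.normpath(name)
    if normalized == ".." or normalized.startswith("../"):
        return False
    # Final containment check on the resolved filesystem path.
    dest = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest, *normalized.split("/")))
    return os.path.commonpath([dest, target]) == dest

def safe_extract(zip_bytes, dest_dir):
    """Extract entries that pass is_safe_entry; return the entry names that were skipped."""
    skipped = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not is_safe_entry(dest_dir, info.filename):
                skipped.append(info.filename)  # a real tool would log or alert here
                continue
            zf.extract(info, dest_dir)
    return skipped

# Constructed sample (not from the advisory): one benign entry plus three whose
# stored path points outside the extraction directory.
HOSTILE_NAMES = ["../../evil.txt", "docs/../../evil2.txt", "C:\\Windows\\evil.dll"]

def build_constructed_archive():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "benign content\n")
        for name in HOSTILE_NAMES:
            zf.writestr(name, "must never be written\n")
    return buf.getvalue()

def demo():
    """Extract the sample into a fresh temp dir; return (skipped names, files written)."""
    with tempfile.TemporaryDirectory() as dest:
        skipped = safe_extract(build_constructed_archive(), dest)
        written = sorted(os.listdir(dest))
    return skipped, written
```

Running `demo()` writes only `readme.txt` and reports the three hostile names as skipped; the same containment test applies to any archive format whose entries carry a stored path.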
Exploit / POC
Information regarding a successful exploit has not been provided.
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
References: