47 matches found
EUVD-2019-0782
Malware in sbrugna...
EUVD-2022-3679
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-1000888
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with...
Drupal core Arbitrary PHP code execution
The Drupal project uses the PEAR Archive_Tar library. The PEAR Archive_Tar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...
Archive_Tar contains Potential RCE if filename starts with phar://
PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter such as `file_exists`, `is_file`, `is_dir`, etc. When extract is called without a specific prefix path, we can trigger...
PEAR Archive Tar Insecure Deserialization Code Execution (CVE-2020-28948)
An insecure deserialization vulnerability exists in the PEAR Archive_Tar module. The vulnerability is due to improper validation of file names inside TAR files. A remote attacker can exploit this vulnerability by sending malicious TAR files to the applications which are using PEAR Archive_Tar modul...
PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drup...
Metasploit Wrap-Up
MobileIron MDM Hessian-Based Java Deserialization RCE Our very own wvu-r7 has added exploits/linux/http/mobileiron_mdm_hessian_rce, which exploits an ACL bypass in MobileIron MDM products to execute a Java deserialization attack using a Groovy gadget against a Hessian based endpoint. CVE-2020-15505...
GLSA-202101-23 : PEAR Archive_Tar: Directory traversal
The remote host is affected by the vulnerability described in GLSA-202101-23 PEAR Archive_Tar: Directory traversal Multiple vulnerabilities have been discovered in PEAR Archive_Tar. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers...
PEAR Archive_Tar: Directory traversal
Background This class provides handling of tar files in PHP. Description Multiple vulnerabilities have been discovered in PEAR Archive_Tar. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
Drupal 9.0.x < 9.0.11 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.78, 8.9.x prior to 8.9.13, 9.0.x prior to 9.0.11 or 9.1.x prior to 9.1.3. It is, therefore, affected by a directory traversal due to the PEAR Archive_Tar library used by Drupal. The...
Drupal 7.x < 7.78 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.78, 8.9.x prior to 8.9.13, 9.0.x prior to 9.0.11 or 9.1.x prior to 9.1.3. It is, therefore, affected by a directory traversal due to the PEAR Archive_Tar library used by Drupal. The...
Drupal 8.9.x < 8.9.13 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.78, 8.9.x prior to 8.9.13, 9.0.x prior to 9.0.11 or 9.1.x prior to 9.1.3. It is, therefore, affected by a directory traversal due to the PEAR Archive_Tar library used by Drupal. The...
CVE-2020-28949
A flaw was found in the Archive_Tar package. PEAR Archive_Tar could allow a local authenticated attacker to bypass security restrictions caused by a stream-wrapper attack. An attacker can overwrite arbitrary files on the system using a specially-crafted tar archive...
Debian DSA-4817-1 : php-pear - security update
Two vulnerabilities were discovered in the PEAR Archive_Tar package for handling tar files in PHP, potentially allowing a remote attacker to execute arbitrary code or overwrite files. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
[SECURITY] [DSA 4817-1] php-pear security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4817-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2020 https://www.debian.org/security/faq -...
Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-013) - Linux
Drupal is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...
Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-013
The Drupal project uses the PEAR Archive_Tar library. The PEAR Archive_Tar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...
PHAR Unserialization
pear/archive_tar is vulnerable to PHAR unserialization. The vulnerability exists due to the improper validation of filename that allows a filename that starts with PHAR:// to be executed...