[issue21109] tarfile: Traversal attack vulnerability

2014-03-31 Thread Daniel Garcia

New submission from Daniel Garcia:

The application does not validate the filenames inside the tar archive, 
allowing it to extract files to arbitrary paths. An attacker can craft a tar file 
to overwrite files.

I've seen this vulnerability in libtar:
http://lwn.net/Vulnerabilities/587141/
I've checked that Python tarfile doesn't validate the filenames, so Python 
tarfile is vulnerable to this attack.

--
components: Library (Lib)
files: prevent-tar-traversal-attack.diff
keywords: patch
messages: 215222
nosy: Daniel.Garcia
priority: normal
severity: normal
status: open
title: tarfile: Traversal attack vulnerability
type: security
versions: Python 3.5
Added file: http://bugs.python.org/file34676/prevent-tar-traversal-attack.diff

___
Python tracker 
<http://bugs.python.org/issue21109>
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com



[issue21109] tarfile: Traversal attack vulnerability

2014-03-31 Thread Daniel Garcia

Daniel Garcia added the comment:

The solution in the patch is based on the GNU tar solution to this, removing the 
prefix when extracting and adding.

--

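The attack described in the report and the prefix-stripping fix described in the follow-up, as an added worked example that is not the reporter's patch and not code from the CPython project. It builds a constructed archive whose member names use `../`, an absolute path, an inner `..`, a symlink and a hardlink that point outside the destination, then extracts it with a wrapper that (a) strips the escaping prefix in the spirit of GNU tar's "Removing leading `../' from member names" (my reading of that behaviour, an assumption), (b) rejects links whose targets escape, and (c) checks the real path of every member before writing, which catches a symlink already present on disk. The `filter="data"` argument is the extraction filter CPython added later (3.12, backported to 3.8.17+); the example only passes it where `tarfile.data_filter` exists, so it also runs on interpreters without it. Function names (`build_hostile_tar`, `sanitize_name`, `link_target_escapes`, `safe_extractall`, `demo`) are mine.

```python
import io
import os
import posixpath
import tarfile
import tempfile


def build_hostile_tar() -> bytes:
    """Constructed sample archive (not from the bug report): one honest member
    plus several that try to land outside the extraction directory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add_file(name, data):
            ti = tarfile.TarInfo(name)  # addfile() keeps the name verbatim
            ti.size = len(data)
            tf.addfile(ti, io.BytesIO(data))

        def add_link(name, target, kind):
            ti = tarfile.TarInfo(name)
            ti.type = kind
            ti.linkname = target
            tf.addfile(ti)

        add_file("safe/readme.txt", b"hello\n")
        add_file("../evil.txt", b"escaped with a leading ..\n")
        add_file("/etc/passwd", b"root::0:0::/:/bin/sh\n")
        add_file("safe/../../escape.txt", b"escaped with an inner ..\n")
        add_link("safe/out", "../../", tarfile.SYMTYPE)        # symlink out of dest
        add_link("safe/hard", "/etc/shadow", tarfile.LNKTYPE)  # hardlink to host file
        add_file("pre/planted.txt", b"written through an existing symlink\n")
    return buf.getvalue()


def sanitize_name(name: str):
    """GNU-tar-style prefix stripping (my reading of it, not the report's patch):
    drop everything up to and including the last '..' component, then any
    leading '/' or '.' components.  Returns (clean_name, stripped_prefix)."""
    parts = name.split("/")
    last_dotdot = max((i for i, p in enumerate(parts) if p == ".."), default=-1)
    rest = parts[last_dotdot + 1:]
    while rest and rest[0] in ("", "."):
        rest.pop(0)
    clean = "/".join(rest)
    return clean, name[:len(name) - len(clean)]


def link_target_escapes(member: tarfile.TarInfo) -> bool:
    """Lexical check of a link target.  Symlink targets are relative to the
    link's own directory; hardlink targets are archive member names."""
    if member.linkname.startswith("/"):
        return True
    if member.issym():
        target = posixpath.join(posixpath.dirname(member.name), member.linkname)
    else:
        target = member.linkname
    norm = posixpath.normpath(target)
    return norm == ".." or norm.startswith("../")


def safe_extractall(data: bytes, dest: str) -> list:
    """Extract into dest; return an audit log of (original_name, action, detail)."""
    dest_real = os.path.realpath(dest)
    log = []
    # Where tarfile has its own extraction filters (3.12+, backports), add them
    # as a second layer behind the checks below.
    extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tf:
        for member in tf.getmembers():
            original = member.name
            clean, prefix = sanitize_name(original)
            if not clean:
                log.append((original, "rejected", "nothing left after stripping"))
                continue
            member.name = clean
            if member.isdev():
                log.append((original, "rejected", "device node"))
                continue
            if (member.issym() or member.islnk()) and link_target_escapes(member):
                log.append((original, "rejected", "link target escapes: " + member.linkname))
                continue
            # Lexical checks cannot see a symlink that already exists on disk
            # (planted by an earlier member or by someone else): resolve the real
            # path and insist it stays under dest.
            target = os.path.realpath(os.path.join(dest_real, clean))
            if os.path.commonpath([dest_real, target]) != dest_real:
                log.append((original, "rejected", "resolves outside dest: " + target))
                continue
            tf.extract(member, dest_real, set_attrs=False, **extra)
            log.append((original, "extracted", clean))
    return log


def demo() -> dict:
    """Extract the constructed archive into a fresh temp dir that already holds a
    symlink 'pre' pointing outside it, and report what landed where."""
    dest = tempfile.mkdtemp(prefix="untar-dest-")
    outside = tempfile.mkdtemp(prefix="untar-outside-")
    os.symlink(outside, os.path.join(dest, "pre"))
    log = safe_extractall(build_hostile_tar(), dest)
    inside = sorted(os.path.relpath(os.path.join(root, f), dest).replace(os.sep, "/")
                    for root, _, files in os.walk(dest) for f in files)
    return {"log": log, "inside": inside, "outside": sorted(os.listdir(outside))}


if __name__ == "__main__":
    for entry in demo()["log"]:
        print(entry)
```

Stripping, as GNU tar does, keeps the member (`../evil.txt` lands as `evil.txt` inside the destination) instead of failing the whole extraction; if your application would rather treat any escaping name as an error, replace the strip with a rejection and the rest of the checks stay the same. The real-path check is the part that no purely lexical validation of member names gives you.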