Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS03OG01LWpwbWYtY2g3ds4AAwJ6
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Summary
Unsafe extracting using shutil.unpack_archive() from a remotely retrieved tarball may lead to writing the extracted file to an unintended destination.
Details
Extracting files using shutil.unpack_archive() from a potentially malicious tarball without validating that the destination file path is within the intended destination directory can cause files outside the destination directory to be overwritten.
The vulnerable code snippet is between L153..158.
response = requests.get(url, stream=True)
with open(zippath, "wb") as f:
f.write(response.raw.read())
shutil.unpack_archive(zippath, unzippedpath)
It seems that a remotely retrieved tarball which could be with the extension .tar.gz happens to be unpacked using shutil.unpack_archive() with no destination verification/limitation of the extracted files.
PoC
The PoC provided showcases the risk of extracting the non-harmless text file sim4n6.txt to a parent location rather than the current folder.
> tar --list -f archive.tar
tar: Removing leading `../../../' from member names
../../../sim4n6.txt
> python3
Python 3.10.6 (main, Nov 2 2022, 18:53:38) [GCC 11.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import shutil
>>> shutil.unpack_archive("archive.tar")
>>> exit()
> file ../../../sim4n6.txt
../../../sim4n6.txt: ASCII text
A Potential Attack Scenario
- An attacker may craft a malicious tarball with a filename path, such as
../../../../../../../../etc/passwd, and then serve the archive remotely, thus, providing a possibility to overwrite the system files.
Mitigation
Potential mitigation could be to:
- Use a safer module, like
zipfile. - Validate the location of the extracted files and discard those with malicious paths such as a relative path
..or absolute ones.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS03OG01LWpwbWYtY2g3ds4AAwJ6
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 1 year ago
Updated: about 1 year ago
CVSS Score: 5.8
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
Identifiers: GHSA-78m5-jpmf-ch7v, CVE-2022-23530
References:
- https://github.com/DataDog/guarddog/security/advisories/GHSA-78m5-jpmf-ch7v
- https://github.com/DataDog/guarddog/commit/37c7d0767ba28f4df46117d478f97652594c491c
- https://github.com/DataDog/guarddog/blob/a1d064ceb09d39bb28deb6972bc0a278756ea91f/guarddog/scanners/package_scanner.py#L153..158
- https://nvd.nist.gov/vuln/detail/CVE-2022-23530
- https://github.com/advisories/GHSA-78m5-jpmf-ch7v
Blast Radius: 0.0
Affected Packages
pypi:guarddog
Dependent packages: 0Dependent repositories: 1
Downloads: 3,395 last month
Affected Version Ranges: <= 0.1.7
Fixed in: 0.1.8
All affected versions: 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7
All unaffected versions: 0.1.8, 0.1.9, 0.1.10, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.2.1, 1.3.0, 1.4.0, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.5.5, 1.5.6, 1.5.7, 1.5.8