CVE-2018-17828
zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c
Public Exploits: 1
Exploited in Wild: -
Descriptions
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
It was discovered that zziplib is vulnerable to a directory traversal flaw in most of its unzip binaries, including unzip-mem, unzzipcat-mem, unzzipcat-big, unzzipcat-mix, and unzzipcat-zip. An attacker may use this flaw to write files outside the intended target directory, overwriting existing files, or creating new ones.
SSVC
- Decision: -
Timeline
- 2018-09-30 CVE Reserved
- 2018-10-01 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-08-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
References (3)
URL | Date |
---|---|
https://github.com/gdraheim/zziplib/issues/62 | 2024-08-05 |
https://access.redhat.com/security/cve/CVE-2018-17828 | 2020-04-28 |
https://bugzilla.redhat.com/show_bug.cgi?id=1635888 | 2020-04-28 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Zziplib Project | Zziplib | 0.13.69 | - | Affected |