An arbitrary file overwrite vulnerability is exploited by potential attackers to achieve code execution on a target system. This affects a myriad of projects and multiple ecosystems named ‘Zip Slip’. Zip Slip is a kind of directory traversal that can be exploited by extracting the files from an archive folder. The principle of the directory traversal flaw is that an attacker can gain access to parts of the file system outside of the target folder in which they should reside. This bug can also cause damage by overwriting the configuration files or sensitive resources that can be exploited by both clients and servers. It affects numerous file formats including tar, jar, war, cpio, apk, rar and 7z.
Affected Libraries
This vulnerability has affected the following libraries
• JavaScript
• Ruby
• .NET
• Go
• Python
• Groovy
|
Sl.No |
Vendor |
Product |
Language |
Confirmed Vulnerable |
Fixed Version |
|
1 |
npm Library |
Unzipper |
JavaScript |
YES |
0.8.13 |
|
2 |
npm Library |
adm-zip |
JavaScript |
YES |
0.4.9 |
|
3 |
Java Library |
Codehaus/ plexus-archiver |
Java |
YES |
3.6.0 |
|
4 |
Java Library |
eroturnaround/zt-zip |
Java |
YES |
1.13 |
|
5 |
Java Library |
Zip4j |
Java |
YES |
|
|
6 |
.NET Library |
DotNetZip.Semverd |
.NET |
YES |
1.11.0 |
|
7 |
.NET Library |
SharpCompress |
.NET |
YES |
1.21.0 |
|
8 |
.NET Library |
Mholt/archiver |
Go |
YES |
e4ef56d4 |
For more information regarding the patches, please see references.
Immediate Actions to Follow
The system administrators are advised to take the following actions.
• Update the libraries to the most recent patch provided by vendors. Please see references.
References
[1] Zip Slip Vulnerability
https://snyk.io/research/zip-slip-vulnerability
[2] Zip Slip
https://res.cloudinary.com/snyk/image/upload/v1528192501/zip-slip-vulnerability/technical-whitepaper.pdf
[3] snyk/zip-slip-vulnerability
https://github.com/snyk/zip-slip-vulnerability
[4] Zip Slip Directory Traversal Vulnerability Impacts Multiple Java Projects
https://www.infoq.com/news/2018/06/zip-slip