Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Zip Slip Critical Archive Extraction Vulnerability

Yesterday, the Snyk Security team released information about a widespread archive extraction vulnerability known as Zip Slip. Zip Slip allows cyberattackers to write arbitrary files on the system, potentially permitting remote command execution. Zip Slip is a combination of “arbitrary file overwrite” and “directory traversal” weaknesses. An attacker could unzip files outside the normal unzip path and overwrite sensitive files, including critical OS libraries or server configuration files.

Analysis

The vulnerability affects thousands of projects, including ones from Amazon, Apache, HP and Pivotal due to their usage of the vulnerable open-source libraries. The affected libraries are available for a broad range of programming languages, including JavaScript, Python, Ruby, .NET, Go and Groovy.

According to Snyk, issues have also been found in the Java ecosystem. While following the SDLC best practices of code reuse, developers share portions of code in various online forums. Some of the code snippets have been found to be vulnerable to Zip Slip. thereby making applications that reused these code snippets potentially vulnerable, too.

The Zip Slip vulnerability affects multiple archive formats, including tar, jar, war, apk, rar and 7z. An attacker can use a specially crafted archive that holds files with directory traversals in their names to exploit the vulnerability.

Solution

The Snyk security team has listed the affected libraries and recommended mitigation steps here.

Tenable® Research is monitoring the situation on behalf of our customers. We’ll release Nessus® plugins as required to help identify the Cyber Exposure gap.

Additional information

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.