Tarfile Exploiting the World With a 15 Year Old Vulnerability

21-Sep-22

The tarfile module of Python was found to be vulnerable by Trellix Advanced Research Center while examining a different issue. At first, we believed we had discovered a brand-new zero-day vulnerability. As we investigated the problem, we found that it was actually CVE-2007-4559.

The tarfile module’s extract and extractall functions are vulnerable to path traversal attacks that let an attacker overwrite any files by appending the “..” sequence to filenames in TAR archives. Read More…