CVE-2018-1002200: Path Traversal

Published May 30, 2018
·
Updated

A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar,xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. Of course if an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily. This affects multiple libraries that lacks of a high level APIs that provide the archive extraction functionality.

References: https://github.com/codehaus-plexus/plexus-archiver/pull/87

Patch: https://github.com/codehaus-plexus/plexus-archiver/commit/58bc24e465c0842981692adbf6d75680298989de

Other sources

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.

Affected Software

9 affected componentsFixes available
debian/plexus-archiver
3.6.0-24.6.1-1
debian/plexus-archiver<=3.5-1, <=1.2-1
3.6.0-11.2-1+deb8u12.2-1+deb9u1
redhat/plexus-archiver<3.6.0
3.6.0
Codehaus-plexus plexus-archiver<3.6.0
Debian Debian Linux=8.0
Debian Debian Linux=9.0
redhat Enterprise Linux=7.5
redhat Enterprise Linux Desktop=7.0
redhat Enterprise Linux Workstation=7.0

Remediation

Patch Available

https://github.com/codehaus-plexus/plexus-archiver/commit/f8f4233508193b70df33759ae9dc6154d69c2ea8

Patch Available

https://github.com/codehaus-plexus/plexus-archiver/pull/87

Event History

May 30, 2018
Data Sourced
via Red Hat·07:27 PM
DescriptionSeverityAffected Software
Jul 25, 2018
CVE Published
via MITRE·05:00 PM
Data Sourced
via MITRE·05:00 PM
DescriptionWeakness
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2018-1002200?

CVE-2018-1002200 is classified as a medium severity vulnerability due to its potential for directory traversal attacks.

2

How do I fix CVE-2018-1002200?

To fix CVE-2018-1002200, upgrade plexus-archiver to version 3.6.0 or later.

3

What systems are affected by CVE-2018-1002200?

CVE-2018-1002200 affects all versions of plexus-archiver prior to 3.6.0.

4

What types of attacks can be conducted using CVE-2018-1002200?

CVE-2018-1002200 allows attackers to exploit directory traversal vulnerabilities leading to the potential write of files outside the target directory.

5

Is there a known workaround for CVE-2018-1002200?

There are no specific workarounds for CVE-2018-1002200 other than upgrading to the patched version.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203