SB2018112745 - Path traversal in libmspack (Alpine package)
Published: November 27, 2018
Description
This security bulletin contains information about 1 security vulnerability.
1) Path traversal (CVE-ID: CVE-2018-18586)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
** DISPUTED ** chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application.
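The kind of check the description says chmextract.c lacked, as an added example (not libmspack's or Alpine's code, and not the upstream fix): an extractor validates each member name before joining it to the output directory. `member_name_is_safe` and `build_output_path` are hypothetical names, and the member names in `main` are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not libmspack code: returns 1 when `name` (taken from
 * an untrusted archive) is relative and has no ".." component, else 0. */
static int member_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;
    /* Absolute forms: POSIX root, backslash/UNC root, DOS drive letter. */
    if (name[0] == '/' || name[0] == '\\')
        return 0;
    if (isalpha((unsigned char)name[0]) && name[1] == ':')
        return 0;
    /* Walk the components, treating '/' and '\' alike. */
    for (const char *p = name; *p != '\0'; ) {
        size_t len = strcspn(p, "/\\");
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;
        p += len;
        if (*p != '\0')
            p++;                      /* skip the separator */
    }
    return 1;
}

/* Writes "<dest>/<name>" to `out`. Returns 0 on success, -1 when the name is
 * rejected or the joined path does not fit in `outlen` bytes. */
int build_output_path(const char *dest, const char *name,
                      char *out, size_t outlen)
{
    if (!member_name_is_safe(name))
        return -1;
    int n = snprintf(out, outlen, "%s/%s", dest, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed member names, not taken from any real CHM file. */
    const char *names[] = { "docs/index.html", "/abs/file", "../up/file",
                            "a\\..\\b", "C:\\file", "a..b/ok" };
    char path[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int rc = build_output_path("out", names[i], path, sizeof path);
        printf("%-18s -> %s\n", names[i], rc == 0 ? path : "REJECTED");
    }
}
```

The check is lexical only: it does not detect symbolic links that already exist under the destination directory, so extraction into a fresh, empty directory is assumed.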
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=3a49d88a9384e72b92ad518a7f8cf56dfe1c4513
- https://git.alpinelinux.org/aports/commit/?id=6f862b5f45d6e18068d8e26af441f403f4444e6e
- https://git.alpinelinux.org/aports/commit/?id=c9b4a96edd80dfc0ae4bd6d76202612f6bbd42d7
- https://git.alpinelinux.org/aports/commit/?id=e59fb2371eb8b367558761b562b73e8b1935e498