Platform
ruby
Component
archive-tar-minitar
Fixed in
0.5.2
CVE-2016-10173 describes a directory traversal vulnerability found in the archive-tar-minitar gem, a Ruby library used for handling TAR archives. This flaw allows a malicious actor to write to arbitrary files on the system by crafting a specially designed TAR archive containing .. sequences in its entry names. Versions of archive-tar-minitar prior to 0.5.2 are affected, and a fix has been released.
The core impact of CVE-2016-10173 lies in its ability to bypass file system restrictions. An attacker can leverage this vulnerability to overwrite critical system files, potentially leading to complete system compromise. By including malicious entries with relative paths (e.g., ../../../../etc/passwd) within a TAR archive, an attacker can manipulate the target system's file structure. This could result in privilege escalation, data exfiltration, or denial of service. The severity is heightened by the ease with which TAR archives can be created and distributed, making exploitation relatively straightforward.
CVE-2016-10173 was publicly disclosed in 2017. While no active exploitation campaigns have been definitively linked to this specific vulnerability, the ease of exploitation and the potential for significant impact make it a persistent risk. No KEV listing is available. Public proof-of-concept exploits are available, demonstrating the vulnerability's feasibility.
Ruby applications that utilize the archive-tar-minitar gem to process TAR archives are at risk. This includes web applications, automation scripts, and any other Ruby-based systems that handle user-supplied TAR files. Shared hosting environments where multiple applications share the same Ruby environment are particularly vulnerable, as a compromise in one application could potentially affect others.
• ruby / gem: Use gem list to check the installed version of archive-tar-minitar. If it's less than 0.5.2, the system is vulnerable.
gem list archive-tar-minitar
• ruby / gem: Examine the Gemfile for dependencies on vulnerable versions. Use bundle audit to identify vulnerabilities in the project's dependencies.
bundle audit
• generic web: Monitor web server logs for suspicious file upload attempts involving TAR archives. Look for patterns indicative of path traversal attempts.
• generic web: Implement file integrity monitoring on critical system files that could be targeted by an attacker.
discovery
disclosure
patch
Exploit Status
EPSS
2.92% (86th percentile)
CVSS vector
The primary mitigation for CVE-2016-10173 is to upgrade the archive-tar-minitar gem to version 0.5.2 or later. If upgrading is not immediately feasible due to compatibility issues or application downtime concerns, consider implementing input validation on TAR archives before processing them. Specifically, sanitize archive entry names to prevent the inclusion of .. sequences. Web application firewalls (WAFs) can be configured to block requests containing suspicious TAR archive uploads. After upgrading, confirm the fix by attempting to extract a TAR archive containing a malicious path traversal sequence and verifying that the extraction fails with an appropriate error message.
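The following is an added example, not code from the page or from the archive-tar-minitar project, showing the entry-name sanitisation the mitigation describes and the kind of verification suggested above (feeding an archive with a traversal entry to the check and confirming it is rejected). It also covers the version check from the detection steps. It uses only Ruby's standard library: the TAR writer and reader that ship with rubygems (Gem::Package::TarWriter / TarReader) stand in for minitar so that it runs anywhere, and the function names, the destination directory /tmp/extract and the sample archive contents are all constructed for this illustration.

```ruby
# Added example (not from the advisory page or the minitar project).
# Defensive TAR entry-name vetting plus an in-memory archive to exercise it.
require 'rubygems'
require 'rubygems/package'
require 'stringio'

# Version check from the detection step: anything below 0.5.2 is affected.
# Gem::Version handles pre-release and multi-digit components correctly,
# unlike a plain string comparison.
def vulnerable_version?(installed)
  Gem::Version.new(installed) < Gem::Version.new('0.5.2')
end

# Returns true only if the entry name stays inside dest_dir.
# Rejects empty and absolute names, any ".." path component, and any name
# that still resolves outside the destination after normalisation
# (File.expand_path collapses "." and "..", so the last check catches
# constructions the component test alone might miss).
def safe_entry_name?(name, dest_dir = '/tmp/extract')
  return false if name.nil? || name.empty?
  return false if name.start_with?('/')
  return false if name.split('/').include?('..')
  dest   = File.expand_path(dest_dir)
  target = File.expand_path(name, dest)
  target == dest || target.start_with?(dest + '/')
end

# Constructed sample input: a tiny TAR with one benign entry and one
# traversal entry of the shape the advisory describes ("../" in the name).
def build_sample_tar
  io = StringIO.new(''.b)
  Gem::Package::TarWriter.new(io) do |tar|
    tar.add_file('readme.txt', 0644) { |f| f.write("hello\n") }
    tar.add_file('../../evil.txt', 0644) { |f| f.write("not today\n") }
  end
  io.string
end

# Walk an archive and partition entry names into accepted / rejected.
# Nothing is written to disk; a real extractor would only write the
# accepted entries and abort (or log) on the rejected ones.
def vet_archive(tar_bytes, dest_dir = '/tmp/extract')
  accepted = []
  rejected = []
  Gem::Package::TarReader.new(StringIO.new(tar_bytes)) do |tar|
    tar.each do |entry|
      name = entry.full_name
      (safe_entry_name?(name, dest_dir) ? accepted : rejected) << name
    end
  end
  [accepted, rejected]
end

if __FILE__ == $0
  puts "0.5.1 vulnerable? #{vulnerable_version?('0.5.1')}"
  accepted, rejected = vet_archive(build_sample_tar)
  puts "accepted: #{accepted.inspect}"
  puts "rejected: #{rejected.inspect}"
end
```

The check is applied to the full entry name (prefix plus name) before any path is joined to the destination, which is the point at which the vulnerable versions went wrong; rejecting the entry rather than stripping the ".." components avoids silently turning a hostile archive into a different, still-extracted one.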
No official patch available. Look for workarounds or monitor for updates.
CVE-2016-10173 is a Path Traversal vulnerability in the archive-tar-minitar Ruby gem, allowing attackers to write arbitrary files via TAR archive manipulation.
You are affected if you are using archive-tar-minitar versions 0.5.1 or earlier. Upgrade to 0.5.2 or later to mitigate the risk.
Upgrade the archive-tar-minitar gem to version 0.5.2 or later using your Ruby package manager (e.g., gem install archive-tar-minitar -v 0.5.2).
While no confirmed active campaigns are publicly known, the vulnerability's ease of exploitation makes it a potential risk.
Refer to the Ruby Security Advisory for details: https://rubysec.com/archives/3361