TAR.Archive.Arbitrary.File.Overwrite
Description
This indicates an attack attempt to exploit an Arbitrary File Overwrite Vulnerability in applications that handles TAR archive files.
The vulnerability is due to improper validation of file names inside TAR files. A remote attacker can exploit this vulnerability by sending a malicious TAR to applications which has malformed file name. Successful exploitation could result in arbitrary file overwrite in the target user's system.
Affected Products
The npm package "tar" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |