CVE-2016-6232 - OpenCVE

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Kde	Karchives

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

Configuration 2 [-]

cpe:2.3:a:kde:karchives:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00000.html
http://www.debian.org/security/2016/dsa-3643
http://www.openwall.com/lists/oss-security/2016/07/16/2
http://www.openwall.com/lists/oss-security/2016/07/16/3
http://www.securityfocus.com/bid/91806
http://www.ubuntu.com/usn/USN-3042-1
https://quickgit.kde.org/?p=karchive.git&a=commit&h=0cb243f64eef45565741b27364cece7d5c349c37
https://usn.ubuntu.com/4100-1/
https://www.kde.org/info/security/advisory-20160724-1.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-08-02T16:00:00

Updated: 2024-08-06T01:22:20.612Z

Reserved: 2016-07-16T00:00:00

Link: CVE-2016-6232

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-08-02T16:59:07.197

Modified: 2016-11-28T20:31:07.123

Link: CVE-2016-6232

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-16T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-19T14:06:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20160716 Re: CVE Request for KNewStuff/KArchive issue", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/07/16/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://quickgit.kde.org/?p=karchive.git&a=commit&h=0cb243f64eef45565741b27364cece7d5c349c37"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.kde.org/info/security/advisory-20160724-1.txt"}, {"name": "openSUSE-SU-2016:1884", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00023.html"}, {"name": "91806", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91806"}, {"name": "DSA-3643", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3643"}, {"name": "openSUSE-SU-2016:2223", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00000.html"}, {"name": "[oss-security] 20160716 CVE Request for KNewStuff/KArchive issue", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/07/16/2"}, {"name": "USN-3042-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3042-1"}, {"name": "USN-4100-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4100-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-6232", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20160716 Re: CVE Request for KNewStuff/KArchive issue", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/16/3"}, {"name": "https://quickgit.kde.org/?p=karchive.git&a=commit&h=0cb243f64eef45565741b27364cece7d5c349c37", "refsource": "CONFIRM", "url": "https://quickgit.kde.org/?p=karchive.git&a=commit&h=0cb243f64eef45565741b27364cece7d5c349c37"}, {"name": "https://www.kde.org/info/security/advisory-20160724-1.txt", "refsource": "CONFIRM", "url": "https://www.kde.org/info/security/advisory-20160724-1.txt"}, {"name": "openSUSE-SU-2016:1884", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00023.html"}, {"name": "91806", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91806"}, {"name": "DSA-3643", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3643"}, {"name": "openSUSE-SU-2016:2223", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00000.html"}, {"name": "[oss-security] 20160716 CVE Request for KNewStuff/KArchive issue", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/16/2"}, {"name": "USN-3042-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3042-1"}, {"name": "USN-4100-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4100-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:22:20.612Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20160716 Re: CVE Request for KNewStuff/KArchive issue", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/07/16/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://quickgit.kde.org/?p=karchive.git&a=commit&h=0cb243f64eef45565741b27364cece7d5c349c37"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.kde.org/info/security/advisory-20160724-1.txt"}, {"name": "openSUSE-SU-2016:1884", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00023.html"}, {"name": "91806", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91806"}, {"name": "DSA-3643", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3643"}, {"name": "openSUSE-SU-2016:2223", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00000.html"}, {"name": "[oss-security] 20160716 CVE Request for KNewStuff/KArchive issue", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/07/16/2"}, {"name": "USN-3042-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3042-1"}, {"name": "USN-4100-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4100-1/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-6232", "datePublished": "2016-08-02T16:00:00", "dateReserved": "2016-07-16T00:00:00", "dateUpdated": "2024-08-06T01:22:20.612Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kde:karchives:*:*:*:*:*:*:*:*", "matchCriteriaId": "9417AF60-E33E-4E8C-ABB4-9F19ACCF197B", "versionEndIncluding": "5.24", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads."}, {"lang": "es", "value": "Vulnerabilidad transversal del directorio en KArchive en versiones anteriores a 5.24, como se usa en KDE Frameworks, permite a atacantes remotos escribir a archivos arbitrarios a trav\u00e9s de un ../ (dot dot slash) en un nombre de archivo en un archivo hist\u00f3rico, relacionado con descargas KNewsstuff."}], "id": "CVE-2016-6232", "lastModified": "2016-11-28T20:31:07.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-08-02T16:59:07.197", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00023.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3643"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/07/16/2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/07/16/3"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/91806"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.ubuntu.com/usn/USN-3042-1"}, {"source": "cve@mitre.org", "url": "https://quickgit.kde.org/?p=karchive.git&a=commit&h=0cb243f64eef45565741b27364cece7d5c349c37"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4100-1/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://www.kde.org/info/security/advisory-20160724-1.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}