Vulnerability Details : CVE-2018-1000802
Potential exploit
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in the shutil module (make_archive function) that can result in denial of service or information gain via injection of arbitrary files on the system or entire drive. This attack appears to be exploitable via passage of unfiltered user input to the function. This vulnerability appears to have been fixed after commit add531a1e55b0a739b0f42582f1c9747e5649ace.
Vulnerability category: Denial of service
Products affected by CVE-2018-1000802
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
Threat overview for CVE-2018-1000802
Top countries where our scanners detected CVE-2018-1000802
Top open port discovered on systems with this issue: 22
IPs affected by CVE-2018-1000802: 34,968
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2018-1000802
24.41%: probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-1000802
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
CWE ids for CVE-2018-1000802
- CWE-77: The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-1000802
- https://usn.ubuntu.com/3817-2/ : USN-3817-2: Python vulnerabilities | Ubuntu security notices (Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html : [SECURITY] [DLA 1520-1] python3.4 security update (Mailing List; Third Party Advisory)
- https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig : MEGA (Exploit; Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20230309-0002/ : CVE-2018-1000802 Python Vulnerability in NetApp Products | NetApp Product Security
- https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html : [SECURITY] [DLA 1519-1] python2.7 security update (Mailing List; Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html : [security-announce] openSUSE-SU-2020:0086-1: important: Security update (Mailing List; Third Party Advisory)
- https://bugs.python.org/issue34540 : Issue 34540: shutil._call_external_zip should use subprocess - Python tracker (Issue Tracking; Patch; Vendor Advisory)
- https://github.com/python/cpython/pull/8985 : [2.7] closes bpo-34540: Convert shutil._call_external_zip to use subprocess rather than distutils.spawn. by benjaminp · Pull Request #8985 · python/cpython · GitHub (Patch; Vendor Advisory)
- https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace : [2.7] closes bpo-34540: Convert shutil._call_external_zip to use subprocess rather than distutils.spawn. by benjaminp · Pull Request #8985 · python/cpython · GitHub (Patch; Vendor Advisory)
- https://usn.ubuntu.com/3817-1/ : USN-3817-1: Python vulnerabilities | Ubuntu security notices (Third Party Advisory)
- https://www.debian.org/security/2018/dsa-4306 : Debian -- Security Information -- DSA-4306-1 python2.7 (Third Party Advisory)