![]() ![]() Not much is known about the nature of the attacks, but the disclosure is evidence of a growing trend wherein threat actors are quick to scan for vulnerable systems after flaws are publicly disclosed and take the opportunity to launch malware and ransomware campaigns. Zimbra addressed the issue on June 14 in 9.0.0 patch 25 and 8.5.15 patch 32 by replacing UnRAR with 7z. option from the context menu associated with any RAR file in Windows Explorer, you can double-click the RAR, or you can drag and drop the RAR onto the program interface. The security hole was patched by WinRAR developer Rarlab on May 6. ![]() In a follow-up analysis published last month, Rapid7 said a vulnerable Zimbra host can be exploited by an adversary by sending an email containing a rogue RAR file and without requiring any user interaction, since the service automatically extracts archives attached to incoming emails to inspect them for spam and malware. Archive Extractor is a small and easy online tool that can extract over 70 types of compressed files, such as 7z, zipx, rar, tar, exe, dmg and much more. "RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation," the agency said in an advisory.Īlthough the flaw affects any Linux application that uses UnRAR to extract an archive file, a successful exploitation of the flaw can have a significant impact against Zimbra, granting an attacker complete access to the email server. ![]()
0 Comments
Leave a Reply. |