CVE-2013-2027
access restriction bypass vulnerability in jython-standalone (Maven)
What is CVE-2013-2027 About?
This vulnerability affects Jython before 2.7.2b3, allowing local users to bypass intended access restrictions. It occurs because Jython uses the current umask to set the privileges of class cache files, which can lead to unintended permissions. Exploitation typically requires local access and specific conditions related to umask settings, making it moderately difficult to exploit.
Affected Software
Technical Details
The vulnerability in Jython before 2.7.2b3 stems from its handling of class cache file permissions. When Jython creates or updates class cache files, it relies on the process's current umask to determine their permissions rather than enforcing restrictive permissions of its own. The umask determines which permission bits are cleared (turned off) when a new file or directory is created. If the umask is configured to be too permissive, the class cache files may be created with broader read and/or write permissions than intended by the system's security policy. A local attacker can leverage a weak umask setting to gain unauthorized access to sensitive information or potentially modify critical cache files, thereby bypassing intended access restrictions.
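The umask interaction described above, as an added example (not Jython's own code): the first function mirrors the vulnerable pattern of letting the process umask alone decide a cache file's mode, the second forces owner-only permissions regardless of umask, and the audit function is the check a defender can run over a Jython cache directory. The `Foo$py.class` / `Bar$py.class` file names and byte contents are constructed sample data.

```python
import os
import stat
import tempfile

LOOSE_BITS = stat.S_IRGRP | stat.S_IWGRP | stat.S_IROTH | stat.S_IWOTH

def write_honoring_umask(path, data):
    """Vulnerable pattern: ask for 0o666 and let only the process umask
    trim it, so a permissive umask leaves the cache file exposed."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o666)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return stat.S_IMODE(os.stat(path).st_mode)

def write_owner_only(path, data):
    """Hardened pattern: request 0o600 at creation and re-apply it with
    chmod, so the result is owner-only whatever umask was inherited."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    os.chmod(path, 0o600)
    return stat.S_IMODE(os.stat(path).st_mode)

def audit_cache_dir(cache_dir):
    """Defender check: list every regular file under cache_dir that is
    readable or writable by group or others, with its octal mode."""
    exposed = []
    for root, _dirs, files in os.walk(cache_dir):
        for name in files:
            path = os.path.join(root, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and stat.S_IMODE(st.st_mode) & LOOSE_BITS:
                exposed.append((path, oct(stat.S_IMODE(st.st_mode))))
    return exposed

def demo(umask_value):
    """Create one file with each pattern under umask_value in a temp dir and
    return (vulnerable_mode, hardened_mode, exposed_file_count)."""
    old = os.umask(umask_value)
    try:
        with tempfile.TemporaryDirectory() as d:  # mkdtemp makes the dir itself 0o700
            weak = write_honoring_umask(os.path.join(d, "Foo$py.class"), b"\xca\xfe")
            safe = write_owner_only(os.path.join(d, "Bar$py.class"), b"\xca\xfe")
            return weak, safe, len(audit_cache_dir(d))
    finally:
        os.umask(old)

if __name__ == "__main__":
    for u in (0o000, 0o022, 0o077):
        print("umask %03o -> weak %o, safe %o, exposed %d" % ((u,) + demo(u)))
```

Only a umask of 077 or stricter makes the umask-dependent file owner-only; the hardened variant is 0600 in every case, which is the property the 2.7.2b3 fix restores.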
What is the Impact of CVE-2013-2027?
Successful exploitation may allow attackers to gain unauthorized access to data, modify system files, or escalate privileges, potentially leading to a compromise of system integrity and confidentiality.
What is the Exploitability of CVE-2013-2027?
Exploitation of this vulnerability requires local access to the system running Jython. There are no explicit authentication or privilege requirements beyond that needed for local access, but the effectiveness of the exploit depends on the system's umask settings being overly permissive for the Jython process. The attack is local, focusing on file system permissions. Special conditions include the specific umask configuration and the timing of class cache file creation. The complexity is moderate, as an attacker needs to understand the umask's impact and potentially manipulate it or wait for files to be created with weak permissions. Risk factors increase if the system has a consistently weak umask or if multiple users share the environment where Jython runs.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2013-2027?
Available Upgrade Options
- org.python:jython-standalone
  - <2.7.2b3 → Upgrade to 2.7.2b3
Additional Resources
- http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html
- https://nvd.nist.gov/vuln/detail/CVE-2013-2027
- https://github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1
- http://advisories.mageia.org/MGASA-2015-0096.html
- https://osv.dev/vulnerability/GHSA-9347-9w64-q5wp
- https://bugzilla.redhat.com/show_bug.cgi?id=947949
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:158
- https://github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWS#L25C8-L25C15
What are Similar Vulnerabilities to CVE-2013-2027?
Similar Vulnerabilities: CVE-2014-8742, CVE-2015-1863, CVE-2016-3687, CVE-2018-19967, CVE-2020-5390
