1223427 – (ZDI-24-400) VUL-0: ZDI-24-400: python-uamqp: uncontrolled search path element remote code execution

Bug 1223427 (ZDI-24-400) - VUL-0: ZDI-24-400: python-uamqp: uncontrolled search path element remote code execution

Summary: VUL-0: ZDI-24-400: python-uamqp: uncontrolled search path element remote code...

Status:	NEW

Alias:	ZDI-24-400

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	John Paul Adrian Glaubitz
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/403205/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2024-04-26 11:49 UTC by SMASH SMASH
Modified:	2024-04-26 12:15 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SMASH SMASH 2024-04-26 11:49:56 UTC

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft uAMQP for Python. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the installation of uAMQP for Python. When installed from the official Microsoft GitHub repository, the installation attempts to load a non-existent cloud resource that is vulnerable to takeover. An attacker can leverage this vulnerability to execute code on systems dependent on the cloud resource.

References:
https://www.zerodayinitiative.com/advisories/ZDI-24-400/