0X-Apollyon

picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when the pickle is deserialized.

picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist by using distutils.file util.write file. Attackers can construct malicious pickle objects to overwrite critical system files and achieve denial of service or remote code execution.

picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary commands, bypassing sandbox protections and gadget chain detection.

**Name of the Vulnerable Software and Affected Versions** Tornado versions prior to 6.5.5 **Description** Tornado is a Python web framework and asynchronous networking library. In versions prior to 6.5.5, the only limit on the number of parts in `multipart/form-data` requests is the `max body size` setting, which defaults to 100MB. Because parsing of these requests occurs synchronously on the main thread, this can lead to a denial-of-service condition due to the computational cost of processing very large multipart bodies with numerous parts. Tornado 6.5.5 introduces new limits on the size and complexity of multipart bodies, including a default limit of 100 parts per request, configurable through `tornado.httputil.ParseMultipartConfig`. It is also possible to disable `multipart/form-data` parsing entirely if it is not required. **Recommendations** Versions prior to 6.5.5 should be updated to version 6.5.5 or later.

**Nome do Software Vulnerável e Versões Afetadas** Versões do Fickling anteriores à 0.1.7 **Descrição** O Fickling, um descompilador e analisador estático de pickling em Python, não bloqueia explicitamente os módulos `ctypes` e `pydoc` em versões anteriores à 0.1.7. A combinação desses módulos pode levar à Execução Remota de Código (RCE), mesmo quando o scanner classifica o arquivo como LIKELY SAFE. O problema ocorre porque ferramentas de varredura de pickle existentes, como o `picklescan`, também não bloqueiam o `pydoc.locate`. **Recomendações** Atualize para a versão 0.1.7 do Fickling ou posterior.

**Nome do Software Vulnerável e Versões Afetadas** Versões do Fickling anteriores a 0.1.7 **Descrição** O Fickling, um descompilador e analisador estático de pickling em Python, é suscetível a uma contornação de detecção devido a um problema de "cegueira" nos "builtins". Isso permite a contornação potencial de medidas de segurança. **Recomendações** Atualize para a versão 0.1.7 ou posterior para resolver este problema.