CVE-2024-35474
📋 TL;DR
A directory traversal vulnerability in iceice666 ResourcePack Server allows remote attackers to read arbitrary files on the server by manipulating file paths. This affects all users running versions before v1.0.8. Attackers can potentially access sensitive configuration files or other data stored on the server.
💻 Affected Systems
- iceice666 ResourcePack Server
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server file system disclosure including sensitive configuration files, credentials, and application source code
Likely Case
Disclosure of application configuration files and potentially sensitive data stored in accessible directories
If Mitigated
Limited to non-sensitive file disclosure if proper file permissions and access controls are implemented
🎯 Exploit Status
The vulnerability is simple to exploit via path traversal sequences like '../' in file requests
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v1.0.8
Vendor Advisory: https://gist.github.com/apple502j/e99ca3a00e492bf1c942214b13213b46
Restart Required: Yes
Instructions:
1. Download v1.0.8 or later from the official source
2. Stop the ResourcePack Server service
3. Replace the existing installation with the patched version
4. Restart the ResourcePack Server service
🔧 Temporary Workarounds
Network Access Restriction
Restrict network access to the ResourcePack Server to trusted IP addresses only (Linux; replace the bracketed placeholders with your port and trusted source address)
iptables -A INPUT -p tcp --dport [RESOURCEPACK_PORT] -s [TRUSTED_IP] -j ACCEPT
iptables -A INPUT -p tcp --dport [RESOURCEPACK_PORT] -j DROP
File System Permissions Hardening
Restrict file system permissions to limit what files can be accessed (Linux). The group owner should be the group the service account runs as; [SERVICE_GROUP] is a placeholder, since root:root with mode 750 would leave a non-root service unable to read its own files
chmod 750 /path/to/resourcepack/files
chown root:[SERVICE_GROUP] /path/to/resourcepack/files
🧯 If You Can't Patch
- Implement strict network segmentation and firewall rules to limit access to the ResourcePack Server
- Run the service under a restricted user account with minimal file system permissions
🔍 How to Verify
Check if Vulnerable:
Check if the server responds to path traversal requests like GET /../../etc/passwd or similar
Check Version:
Check the server version in the application logs or configuration files
Verify Fix Applied:
Attempt the same path traversal requests after patching - they should return 404 or access denied errors
📡 Detection & Monitoring
Log Indicators:
- HTTP requests containing '../' sequences
- Unusual file access patterns outside expected resource directories
- 404 errors for system files
Network Indicators:
- HTTP requests with multiple '../' in the path
- Requests for known system files like /etc/passwd, /etc/shadow
SIEM Query:
source="resourcepack_logs" AND (uri="*../*" OR (status=404 AND uri="*/etc/*"))
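As an added example, not taken from the advisory or the iceice666 project, the following Python detector applies the log indicators above to a few constructed access-log lines: it percent-decodes the request URI (twice, to catch double encoding), folds backslashes to forward slashes, flags traversal sequences and requests for known system files, and rates a 200 response higher than a 404 because it suggests the file was actually served.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in common log format; not real server output.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jun/2024:12:00:01 +0000] "GET /packs/default.zip HTTP/1.1" 200 51234
10.0.0.9 - - [01/Jun/2024:12:00:02 +0000] "GET /../../etc/passwd HTTP/1.1" 200 1842
10.0.0.9 - - [01/Jun/2024:12:00:03 +0000] "GET /packs/%2e%2e/%2e%2e/etc/shadow HTTP/1.1" 404 0
10.0.0.7 - - [01/Jun/2024:12:00:04 +0000] "GET /packs/..%5c..%5cconfig.toml HTTP/1.1" 200 310
10.0.0.5 - - [01/Jun/2024:12:00:05 +0000] "GET /packs/textures.zip HTTP/1.1" 200 9912
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)
# System files named in the advisory's network indicators.
SYSTEM_FILES = ("/etc/passwd", "/etc/shadow")


def normalize(uri: str) -> str:
    """Decode percent-encoding twice (catches %252e double encoding) and fold backslashes."""
    decoded = unquote(unquote(uri))
    return decoded.replace("\\", "/")


def classify(line: str):
    """Return an alert dict for a suspicious request line, or None for benign/unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    uri = normalize(m.group("uri"))
    status = int(m.group("status"))
    reasons = []
    if "../" in uri:
        reasons.append("traversal")
    if any(uri.endswith(path) for path in SYSTEM_FILES):
        reasons.append("system-file")
    if not reasons:
        return None
    # A 200 means the server likely served the file; a 404 is still a probe worth logging.
    severity = "HIGH" if status == 200 else "MEDIUM"
    return {"ip": m.group("ip"), "uri": m.group("uri"), "status": status,
            "reasons": reasons, "severity": severity}


def scan(log_text: str):
    """Run classify() over every line and keep only the alerts."""
    return [alert for alert in (classify(l) for l in log_text.splitlines()) if alert]
```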