Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

GitHub patches bug that could allow access to another user’s repo

A flaw in GitHub’s namespace retirement feature could have allowed attackers to potentially access another user’s repository.

Coined ‘repojacking’ by researchers from Checkmarx, the technique could have enabled malicious actors to bypass protections against the takeover of “retired” GitHub namespaces.

GitHub repositories have a unique URL which is nested under the user account that created it. The linked URL and username together are called a ‘namespace’.

When a user chooses to rename their GitHub account, the platform will redirect their old URLs to the new URL.

However, this feature was found to be vulnerable to “a logical flaw that breaks the original redirect”.

If a malicious actor created an account using the previous account name of another user, they were able to link the old repository URL to their account, gaining access to code and other content in the process.

In addition, and compounding the problem, the default redirect was disabled, so if an attack was successful then all existing traffic was immediately routed to the attackers malicious GitHub repository.

To protect against this, GitHub initially introduced the “popular repository namespace retirement” feature, meaning that any repository with more than 100 clones at the time its user account is renamed is considered “retired” and the namespace cannot be used by others.

Timeline

In a blog post, Checkmarx researchers explained that they found two bypasses that allowed them to exploit the feature, noting that a successful attack would enable the takeover of popular code packages in several popular package managers including Packagist, Go, Swift, and more.

The team discovered an initial bypass in November 2021 and reported this to GitHub, which “fixed” it In March 2022.

In May 2022, it was still deemed to be exploitable and was again patched later that month.

Then in June, Checkmarx researchers found a second bypass, which was patched in September and disclosed this week (October 26).

The researchers were awarded an undisclosed bug bounty reward for the discovery. Checkmarx warns that thousands of repos could be at risk if any further bypasses were found.

“We have identified over 10,000 packages in those package managers using renamed usernames and are at risk of being vulnerable to this technique in case a new bypass is found,” the researchers said in a blog post.

Copyright 2021 Associated Press. All rights reserved.

Advertisement. Scroll to continue reading.

Source: https://portswigger.net/daily-swig/github-patches-bug-that-could-allow-access-to-another-users-repo

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

A North Korea based threat actor targeting personal accounts of technology firms through low-profile social engineering attempts. This campaign utilizes a combination of repository...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO