Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rubygemsRubySecRUBY:MINITAR-2016-10173
HistoryAug 21, 2016 - 9:00 p.m.

Minitar Directory Traversal Vulnerability

2016-08-2121:00:00
RubySec
rubysec.com
16

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

30.2%

JSON

Minitar allows attackers to overwrite arbitrary files during archive
extraction via a … (dot dot) in an extracted filename. Analogous
vulnerabilities for unzip and tar:
https://www.cvedetails.com/cve/CVE-2001-1268/ and
http://www.cvedetails.com/cve/CVE-2001-1267/

Credit: ecneladis

CPENameOperatorVersion
minitarlt0.6.0

Related

rubygems 1
cve 4
cvelist 4
nvd 4
nessus 39
openvas 6
ubuntucve 1
prion 1
securityvulns 2
ibm 1
rubygems
rubygems
Archive-Tar-Minitar Directory Traversal Vulnerability
2016-08-21 21:00:00
cve
cve
CVE-2001-1267
2004-09-01 04:00:00
CVE-2001-1268
2002-05-03 04:00:00
CVE-2002-0399
2002-10-10 04:00:00
cvelist
cvelist
CVE-2001-1267
2004-09-01 04:00:00
CVE-2001-1268
2002-05-03 04:00:00
CVE-2007-4559
2007-08-28 00:00:00
nvd
nvd
CVE-2001-1267
2001-07-12 04:00:00
CVE-2001-1268
2001-07-12 04:00:00
CVE-2002-0399
2002-10-10 04:00:00
nessus
nessus
RHEL 2.1 : unzip (RHSA-2002:138)
2004-07-06 00:00:00
Oracle Linux 9 : python3.11-pip (ELSA-2023-6324)
2023-11-16 00:00:00
Mandrake Linux Security Advisory : unzip (MDKSA-2002:065)
2004-07-31 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for uvplog (EulerOS-SA-2023-1690)
2023-05-08 00:00:00
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2770)
2023-09-11 00:00:00
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2739)
2023-09-11 00:00:00
ubuntucve
ubuntucve
CVE-2007-4559
2007-08-28 00:00:00
prion
prion
Directory traversal
2007-08-28 01:17:00
securityvulns
securityvulns
rPSA-2007-0172-1 tar
2007-08-27 00:00:00
Directory traversal and absolute path in multiple archivers
2007-08-27 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues
2024-05-07 17:07:44

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

30.2%

JSON
Related for RUBY:MINITAR-2016-10173
rubygems1cve4cvelist4nvd4nessus39openvas6ubuntucve1prion1securityvulns2ibm1