gtar -- Directory traversal vulnerability

2007-08-23T00:00:00
ID D944719E-42F4-4864-89ED-F045B541919F
Type freebsd
Reporter FreeBSD
Modified 2007-08-23T00:00:00

Description

Red Hat reports:

A path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access.

Red Hat credits Dmitry V. Levin for reporting the issue.