6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
Alexander Cherepanov discovered that bsdcpio, an implementation of the
cpio program part of the libarchive project, is susceptible to a
directory traversal vulnerability via absolute paths.
For Debian 6 Squeeze, these issues have been fixed in libarchive version 2.8.4.forreal-1+squeeze3
CPE | Name | Operator | Version |
---|---|---|---|
libarchive | eq | 2.8.4-1+squeeze1 | |
libarchive | eq | 2.8.4-1 | |
libarchive | eq | 2.8.4-2 | |
libarchive | eq | 2.8.4.forreal-1+squeeze2 |