Lucene search
RubySecRUBY:ARCHIVE-TAR-MINITAR-2016-10173HistoryAug 21, 2016 - 9:00 p.m.
Archive-Tar-Minitar Directory Traversal Vulnerability
2016-08-2121:00:00
RubySec
rubysec.com
10
Minitar allows attackers to overwrite arbitrary files during archive
extraction via a … (dot dot) in an extracted filename. Analogous
vulnerabilities for unzip and tar:
https://www.cvedetails.com/cve/CVE-2001-1268/ and
http://www.cvedetails.com/cve/CVE-2001-1267/
Credit: ecneladis
| CPE | Name | Operator | Version |
|---|---|---|---|
| archive-tar-minitar | lt | 0.6.0 |
References
Related
rubygems
rubygems
Minitar Directory Traversal Vulnerability
2016-08-21 21:00:00
nessus
nessus
RHEL 2.1 : unzip (RHSA-2002:138)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : unzip (MDKSA-2002:065)
2004-07-31 00:00:00
Oracle Linux 9 : python3.11-pip (ELSA-2023-6324)
2023-11-16 00:00:00
cve
cve
ubuntucve
ubuntucve
CVE-2007-4559
2007-08-28 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for uvplog (EulerOS-SA-2023-1690)
2023-05-08 00:00:00
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2770)
2023-09-11 00:00:00
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2739)
2023-09-11 00:00:00
prion
prion
Directory traversal
2007-08-28 01:17:00
securityvulns
securityvulns
rPSA-2007-0172-1 tar
2007-08-27 00:00:00
Directory traversal and absolute path in multiple archivers
2007-08-27 00:00:00
Related for RUBY:ARCHIVE-TAR-MINITAR-2016-10173