21 matches found
Debian: Security Advisory (DLA-808-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
SUSE: Security Advisory (SUSE-SU-2021:0115-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-CWP3-834G-X79G Moderate severity vulnerability that affects archive-tar-minitar and minitar
Withdrawn, accidental duplicate publish. Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
Ruby Archive::Tar::Minitar: Directory traversal
Background Archive::Tar::Minitar is a pure-Ruby library and command-line utility that provides the ability to deal with POSIX tar1 archive files. Description Michal Marek discovered that Ruby Archive::Tar::Minitar is vulnerable to a directory traversal vulnerability. Impact A remote attacker coul...
RubyGems minitar and archive-tar-minitar local directory traversal vulnerability
minitar formerly archive-tar-minitar is a pure Ruby library and command-line utility for working with POSIX tar archives. A directory traversal vulnerability exists in versions prior to minitar 0.6 and archive-tar-minitar 0.5.2 gems. An attacker can exploit this vulnerability to write arbitrary...
Debian Security Advisory DSA 3778-1 (ruby-archive-tar-minitar - security update)
Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. dot do...
Debian: Security Advisory (DSA-3778-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Directory traversal
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
UBUNTU-CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
DEBIAN-CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
CVE-2016-10173
CVE-2016-10173 is a directory traversal vulnerability in Ruby gems minitar (before 0.6) and archive-tar-minitar (before 0.5.2). The flaw allows a remote attacker to write arbitrary files by crafting a TAR archive entry containing a path with "..". Public references across NVD, CNVD, GitHub adviso...
CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
Debian DSA-3778-1 : ruby-archive-tar-minitar - security update
Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. dot do...
[SECURITY] [DSA 3778-1] ruby-archive-tar-minitar security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3778-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 31, 2017 https://www.debian.org/security/faq -...
PT-2017-7783
Name of the Vulnerable Software and Affected Versions minitar versions prior to 0.6 archive-tar-minitar version 0.5.2 Description The issue allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry. This is a directory traversal vulnerability in the minitar and...
Debian DLA-808-1 : ruby-archive-tar-minitar security update
It has been found that rubygem archive-tar-minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. For Debian 7 'Wheezy', these problems have been fixed in version 0.5.2-2+deb7u1. We recommend that you upgrade your...
DSA-3778-1 ruby-archive-tar-minitar - security update
Bulletin has no description...
[SECURITY] [DLA 808-1] ruby-archive-tar-minitar security update
Package : ruby-archive-tar-minitar Version : 0.5.2-2+deb7u1 CVE ID : CVE-2016-10173 Debian Bug : 853249 It has been found that rubygem archive-tar-minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. For Debian 7 "Wheezy", thes...