CVE-2005-1229
CPIO (GNU cpio) prior to version 2.6 is affected by CVE-2005-1229, a directory-traversal flaw that lets an attacker write to arbitrary directories during extraction via a .. path in an archive. The root cause is that cpio does not sanitise extracted paths (even with --no-absolute-filenames). Cons...