3 matches found
CVE-2001-0973
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space...
CVE-2001-0973
CVE-2001-0973 concerns BSCW groupware (versions 3.3–4.0.2 beta). The vulnerability arises when extracting tar archives into the user’s data-bag space: symbolic links within the tar are followed, allowing a remote attacker to read arbitrary files readable by the web server and potentially overwrit...
CVE-2001-0973
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space...