10 matches found
SUSE: Security Advisory (SUSE-SU-2015:1433-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : p7zip-15.09-4.fc23 (2015-fadaa9953e)
Fix CVE-2015-1038 1179505 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenabl...
Fedora 22 : p7zip-15.09-4.fc22 (2015-d5cc306730)
Fix CVE-2015-1038 1179505 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenabl...
Mageia: Security Advisory (MGASA-2015-0252)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : p7zip (SUSE-SU-2015:1433-1)
This update fixes the following security issue : - CVE-2015-1038: directory traversal vulnerability bnc912878 This could for the overwriting of arbitrary files through uncompressing a crafted archive, with the privileges of the user running 7z Note that Tenable Network Security has extracted the...
openSUSE Security Update : p7zip (openSUSE-2015-456)
p7zip was update to fix one security issue. The following vulnerability was fixed : - CVE-2015-1038: Attackers could have written to arbitrary files via a symlink attack in a specially crafted archive boo912878 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Updated p7zip package fixes security vulnerability
Alexander Cherepanov discovered that p7zip is susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current...
CVE-2015-1038
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive...
CVE-2015-1038
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive...
CVE-2015-1038
CVE-2015-1038 affects p7zip and is due to a directory traversal via a symlink attack during archive extraction, enabling writes to arbitrary files. The issue is addressed in multiple distributions (e.g., Fedora 22/23 updates; SUSE/openSUSE/SLE S12/SLES12 updates; Mageia/Debian DSA-3289; OpenSUSE ...