13 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-2304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an...
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2020-1226)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2202)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2604)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD-SA-16:22.libarchive
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:22.libarchive Security Advisory The FreeBSD Project Topic: Directory traversal in cpio1 Category: contrib Module: libarchive Announced: 2016-05-31 Credits:...
SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2015:0667-1)
libarchive was updated to fix a directory traversal in the bsdcpio tool, which allowed attackers supplying crafted archives to overwrite files. CVE-2015-2304 Also, a integer overflow was fixed that could also overflow buffers. CVE-2013-0211 Note that Tenable Network Security has extracted the...
Ubuntu: Security Advisory (USN-2549-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2549-1: libarchive vulnerabilities
It was discovered that the libarchive bsdcpio utility extracted absolute paths by default without using the --insecure flag, contrary to expectations. If a user or automated system were tricked into extracting cpio archives containing absolute paths, a remote attacker may be able to write to...
openSUSE Security Update : libarchive (openSUSE-2015-248)
libarchive was updated to fix a directory traversal in the bsdcpio tool, which allowed attackers supplying crafted archives to overwrite files. CVE-2015-2304 Also, a integer overflow was fixed that could also overflow buffers. CVE-2013-0211 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
SUSE-SU-2015:0667-1 Security update for libarchive
libarchive was updated to fix a directory traversal in the bsdcpio tool, which allowed attackers supplying crafted archives to overwrite files. CVE-2015-2304 Also, a integer overflow was fixed that could also overflow buffers. CVE-2013-0211...
CVE-2015-2304
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive...
CVE-2015-2304
CVE-2015-2304 is a vulnerability in libarchive's bsdcpio (libarchive 3.1.2 and earlier) that allows an attacker to write to arbitrary files by supplying a full pathname in an archive (absolute path traversal). Connected advisories (e.g., EulerOS, RHEL/SUSE OpenVAS/NASL entries) enumerate this CVE...
CVE-2015-2304
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive...