4 matches found
Debian DSA-3915-1 : ruby-mixlib-archive - security update
It was discovered that ruby-mixlib-archive, a Chef Software's library used to handle various archive formats, was vulnerable to a directory traversal attack. This allowed attackers to overwrite arbitrary files by using a malicious tar archive containing '..' in its entries. %NASLMINLEVEL 70300 C...
[SECURITY] [DSA 3915-1] ruby-mixlib-archive security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3915-1 [email protected] https://www.debian.org/security/ Sebastien Delafond July 20, 2017 https://www.debian.org/security/faq -...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...
CVE-2017-1000026
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries...