453 matches found
CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check...
CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check...
CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check...
CVE-2002-0399
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a 1 "/.." or 2 "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267...
CVE-2002-0399
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a 1 "/.." or 2 "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267...
CVE-2002-0399
CVE-2007-4559 is a directory traversal vulnerability in the tarfile module of Python, allowing a tar archive containing a .. sequence to overwrite arbitrary files during extraction. The issue is referenced in multiple Nessus advisories (e.g., Alibaba Cloud Linux 3 advisory ALINUX3-SA-2024:0040 an...
CVE-2001-1267
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. dot dot...
Multiple archivers directory traversal and path globbing
Topic: Directory traversal and path globbing in multiple archivers Author: 3APA3A Affected Software: GNU tar = 1.13.19, Info-Zip UnZip = 5.42, RARSoft rar = 2.02, PKWare pkzipc = 4.00 Not affected: rar 2.80, WinZIP 8.0 Risk: low/average Released: July, 2, 2001 SECURITY.NNOV advisories:...
tar-symlink.txt
Title : GNU tar Tape ARchive symlinkvulnerability Author : Marco van Berkum Organisation : OBIT b.v. URL : http://www.obit.nl Email : [email protected] Date : 06-01-2001 The usefull program tar Tape ARchive is used by all UNIX, Linux and BSD versions around and is used to ARCHIVE files to disk o...
CVE-1999-0202
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands...
CVE-1999-0202
CVE-1999-0202 affects the GNU tar command when used in FTP sessions, enabling an attacker to execute arbitrary commands via the tar process. The connected records consistently describe this as a vulnerability in GNU tar in FTP contexts with potential for remote command execution; however, explici...
CVE-1999-0202
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands...
PT-1997-1094 · Gnu · Gnu Tar
Name of the Vulnerable Software and Affected Versions: GNU tar affected versions not specified Description: The issue allows an attacker to execute arbitrary commands when the GNU tar command is used in FTP sessions. Recommendations: At the moment, there is no information about a newer version th...