4 matches found
OESA-2025-1883 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: In tar in...
DEBIAN-CVE-2015-0857
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a 1 tar file or 2 file within a tar file...
UBUNTU-CVE-2015-0857
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a 1 tar file or 2 file within a tar file...
TarDiff Command Injection Vulnerability
TarDiff is a package comparison tool developed by software developer Josef Spillner. A command injection vulnerability exists in TarDiff. The vulnerability can be exploited to inject arbitrary shell commands by using shell metacharacters in tar file names or filenames in tar files...