Lucene search

[email protected]CVE-2001-1267

HistorySep 01, 2004 - 4:00 a.m.

CVE-2001-1267

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1267

gnu tar

directory traversal vulnerability

nvd

archive extraction

6.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a … (dot dot).

Affected configurations

NVD

Node

gnutarRange≤1.13.19

CPENameOperatorVersion
gnu:targnu tarle1.13.19

CPE	Name	Operator	Version
gnu:tar	gnu tar	le	1.13.19

References

ftp://alpha.gnu.org/gnu/tar/tar-1.13.25.tar.gz

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000538

online.securityfocus.com/advisories/4514

online.securityfocus.com/archive/1/196445

sunsolve.sun.com/search/document.do?assetkey=1-26-47800-1

www.iss.net/security_center/static/10224.php

www.mandrakesoft.com/security/advisories?name=MDKSA-2002:066

www.redhat.com/support/errata/RHSA-2002-096.html

www.redhat.com/support/errata/RHSA-2002-138.html

www.redhat.com/support/errata/RHSA-2003-218.html

www.securityfocus.com/bid/3024

Social References

6.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-1267

cvelist3 nvd3 nessus38 ubuntucve1 prion1 openvas6 cve2 rubygems2 securityvulns2