gnu tar 1.13.25 vulnerabilities and exploits

(subscribe to this query)

445

VMScore

Directory traversal vulnerability in GNU tar 1.13.19 up to and including 1.13.25, and possibly later versions, allows malicious users to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash b...

Gnu Tar 1.13.25

605

VMScore

Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote malicious users to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

Gnu Tar 1.13.19 Gnu Tar 1.13.25 Gnu Tar 1.15.91 Gnu Tar 1.16 Gnu Tar 1.13 Gnu Tar 1.13.5 Gnu Tar 1.14 Gnu Tar 1.13.16 Gnu Tar 1.13.17 Gnu Tar 1.13.18 Gnu Tar 1.15.1 Gnu Tar 1.15.90 Gnu Tar 1.13.11 Gnu Tar 1.13.14 Gnu Tar 1.14.90 Gnu Tar 1.15

445

VMScore

GNU tar 1.13.19 and other versions prior to 1.13.25 allows remote malicious users to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.

Gnu Tar 1.13.19 Gnu Tar

231

VMScore

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted malicious users to overwrite arbitrary files via a crafted tar file, probably involving &q...

Gnu Tar 1.13.25 Redhat Enterprise Linux 2.1 Redhat Enterprise Linux Desktop 3.0 Redhat Linux Advanced Workstation 2.1 Redhat Enterprise Linux 3.0

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook