Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote malicious users to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu tar 1.13.19 |
||
gnu tar 1.13.25 |
||
gnu tar 1.15.91 |
||
gnu tar 1.16 |
||
gnu tar 1.13 |
||
gnu tar 1.13.5 |
||
gnu tar 1.14 |
||
gnu tar 1.13.16 |
||
gnu tar 1.13.17 |
||
gnu tar 1.13.18 |
||
gnu tar 1.15.1 |
||
gnu tar 1.15.90 |
||
gnu tar 1.13.11 |
||
gnu tar 1.13.14 |
||
gnu tar 1.14.90 |
||
gnu tar 1.15 |