Directory Traversal Vulnerability in GNU Tar by GNU
CVE-2001-1267
Currently unrated
Summary
A directory traversal vulnerability exists in GNU Tar versions 1.13.19 and earlier, allowing local users to manipulate file paths in a tar file. By including special directory traversal characters (..) in the filenames, attackers can overwrite arbitrary files on the system during the extraction process. This vulnerability poses significant risk as it can lead to unauthorized file modifications and data loss.
References
Timeline
Vulnerability Reserved
Vulnerability published