Directory Traversal Vulnerability in GNU Tar by GNU
CVE-2001-1267

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
12 July 2001

Summary

A directory traversal vulnerability exists in GNU Tar versions 1.13.19 and earlier, allowing local users to manipulate file paths in a tar file. By including special directory traversal characters (..) in the filenames, attackers can overwrite arbitrary files on the system during the extraction process. This vulnerability poses significant risk as it can lead to unauthorized file modifications and data loss.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.