CVE-2001-1267

Currently unrated

Key Information:

Vendor: Gnu
Status: Tar
Vendor: CVE Published:; 12 July 2001

Summary

Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.redhat.com/support/errata/RHSA-2002-096.html

vendor-advisoryx_refsource_REDHAT

http://online.securityfocus.com/archive/1/196445

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Jul 12, 2001