Input Validation Flaw in Uudecode of Sharutils Package by Caldera
CVE-2002-0178

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
29 May 2002

Summary

The uudecode utility from the sharutils package prior to version 4.2.1 lacks proper validation mechanisms for the filename of uudecoded files. This oversight enables attackers to create symbolic links or use pipes to overwrite existing files or execute arbitrary commands on the server. Such vulnerabilities present significant risks, as they can compromise the integrity and security of the system, allowing for unauthorized access or data manipulation.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.