Input Validation Flaw in Uudecode of Sharutils Package by Caldera
CVE-2002-0178
Currently unrated
Summary
The uudecode utility from the sharutils package prior to version 4.2.1 lacks proper validation mechanisms for the filename of uudecoded files. This oversight enables attackers to create symbolic links or use pipes to overwrite existing files or execute arbitrary commands on the server. Such vulnerabilities present significant risks, as they can compromise the integrity and security of the system, allowing for unauthorized access or data manipulation.
References
Timeline
Vulnerability published
Vulnerability Reserved