CVE-2002-0178

Currently unrated

Key Information:

Vendor: Gnu
Status: Sharutils
Vendor: CVE Published:; 29 May 2002

Summary

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-04...

vendor-advisoryx_refsource_CALDERA

http://www.securityfocus.com/bid/4742

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=103599320902432&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
May 29, 2002
Vulnerability Reserved
Apr 17, 2002