Symlink Attack Vulnerability in GNU Tar by GNU Project
CVE-2002-1216
Currently unrated
What is CVE-2002-1216?
GNU Tar versions prior to 1.13.25 are vulnerable to a symlink attack that allows remote attackers to overwrite arbitrary files. This vulnerability arises from a security check modification that was improperly implemented, making it possible for attackers to exploit this flaw without proper validation of file paths during extraction. Users of affected versions should upgrade to mitigate the risk associated with file overwrites and unauthorized access.