File Overwrite Vulnerability in Sharutils by GNU
CVE-2005-0990
Currently unrated
Summary
A vulnerability in the GNU sharutils version 4.2.1 allows local users to perform a symlink attack, potentially overwriting arbitrary files. The issue arises when unshar (unshar.c) creates temporary files without proper validation, leading to security risks for the system. Users can exploit this flaw if they have the ability to create symlinks, which can be directed to sensitive or critical files on the system.
References
Timeline
Vulnerability published
Vulnerability Reserved