File Overwrite Vulnerability in Sharutils by GNU
CVE-2005-0990

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
2 May 2005

Summary

A vulnerability in the GNU sharutils version 4.2.1 allows local users to perform a symlink attack, potentially overwriting arbitrary files. The issue arises when unshar (unshar.c) creates temporary files without proper validation, leading to security risks for the system. Users can exploit this flaw if they have the ability to create symlinks, which can be directed to sensitive or critical files on the system.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.