Directory Traversal Flaw in cpio Product by Various Vendors
CVE-2005-1229
Currently unrated
Summary
A directory traversal vulnerability exists in cpio 2.6 and earlier, enabling remote attackers to exploit the file extraction process. By using a specially crafted cpio file with a '..' (dot dot) sequence, an attacker can manipulate the directory structure, allowing unauthorized writing to arbitrary directories. This flaw can compromise the security of the affected systems, highlighting the importance of proper input validation in file handling processes.
References
Timeline
Vulnerability published
Vulnerability Reserved