GNU tar directory traversal vulnerability in Red Hat Enterprise Linux
CVE-2005-1918
Currently unrated
Summary
A vulnerability in GNU tar allows user-assisted attackers to exploit a flaw in the patch for a prior directory traversal issue. By crafting a malicious tar file that manipulates path sequences, an attacker can overwrite arbitrary files on the system. This occurs due to an incorrect optimization in the original patch, which fails to fully mitigate the risk associated with path traversal, thus potentially leading to significant security breaches.
References
Timeline
Vulnerability published
Vulnerability Reserved