GNU tar directory traversal vulnerability in Red Hat Enterprise Linux
CVE-2005-1918

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
31 December 2005

Summary

A vulnerability in GNU tar allows user-assisted attackers to exploit a flaw in the patch for a prior directory traversal issue. By crafting a malicious tar file that manipulates path sequences, an attacker can overwrite arbitrary files on the system. This occurs due to an incorrect optimization in the original patch, which fails to fully mitigate the risk associated with path traversal, thus potentially leading to significant security breaches.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.