Privilege Escalation Vulnerability in Tar by GNU
CVE-2005-2541
Currently unrated
Summary
The Tar utility version 1.15.1 fails to appropriately notify users when extracting files with the setuid or setgid bits set. This oversight can enable both local users and remote attackers to execute unauthorized actions, potentially leading to elevated privileges on the system. Users should be cautious when extracting archives that may contain such files to prevent exploitation of this vulnerability.
References
Timeline
Vulnerability published
Vulnerability Reserved