Privilege Escalation Vulnerability in Tar by GNU
CVE-2005-2541

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
10 August 2005

Summary

The Tar utility version 1.15.1 fails to appropriately notify users when extracting files with the setuid or setgid bits set. This oversight can enable both local users and remote attackers to execute unauthorized actions, potentially leading to elevated privileges on the system. Users should be cautious when extracting archives that may contain such files to prevent exploitation of this vulnerability.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.