Directory Traversal Vulnerability in GNU Patch by GNU
CVE-2010-4651

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnu Patch
Vendor: CVE Published:; 11 March 2011

Summary

The vulnerability found in GNU Patch allows remote attackers to exploit a directory traversal issue by utilizing specially crafted filenames that contain '..' sequences or full pathnames. This opens the possibility for unauthorized creation or overwriting of arbitrary files, potentially compromising system integrity. The vulnerability is related to other known issues and affects versions up to 2.6.1, underscoring the critical need for users to implement patches or upgrades to safeguard their systems.

References

http://www.vupen.com/english/advisories/2011/0600

vdb-entryx_refsource_VUPEN

http://support.apple.com/kb/HT4723

x_refsource_CONFIRM

http://openwall.com/lists/oss-security/2011/01/06/20

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Mar 11, 2011
Vulnerability Reserved
Jan 3, 2011