Directory Traversal Vulnerability in pax by OpenBSD
CVE-2015-1194

Currently unrated

Key Information:

Vendor: Pax Project
Status: Pax
Vendor: CVE Published:; 21 January 2015

🔔 Create Pax Project Vulnerability Alert

What is CVE-2015-1194?

The vulnerability in pax, a widely used archiving utility, allows remote attackers to exploit a directory traversal flaw through the use of symlink attacks. This can enable unauthorized file writes to arbitrary locations within the file system, potentially compromising system integrity and security. Attackers can leverage this vulnerability to manipulate or overwrite critical files by crafting malicious archive files. Administrators are urged to implement necessary patches and update to secure versions of the software. For more information, please refer to related discussions and reports.

References

http://www.openwall.com/lists/oss-security/2015/01/18/3

mailing-listx_refsource_MLIST

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774716

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 21, 2015
Vulnerability Reserved
Jan 18, 2015