Vulnerability in Gnu Tar
CVE-2001-1267
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
EPSS: 0.011 (60.4th percentile) — read the EPSS interpretation.
Affected products
- Gnu Tar
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (Vendor Advisory, mailing-list, Exploit, x_refsource_BUGTRAQ, Patch)
- cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
- cve@mitre.org (vdb-entry, Vendor Advisory, x_refsource_XF)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_HP, vendor-advisory)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)