Vulnerability in Gnu Tar
CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
EPSS: 0.016 (72.2th percentile) — read the EPSS interpretation.
Affected products
- Gnu Tar — versions 1.13.19
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, Vendor Advisory, x_refsource_XF)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)
- cve@mitre.org (vendor-advisory, x_refsource_OPENPKG)