What is CVE-2005-1918?

CVE-2005-1918 is a vulnerability in Gnu Tar, classified under Path Traversal. Published 2005-12-31.

Is CVE-2005-1918 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Gnu Tar

CVE-2005-1918

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar fi…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.029 (84.9th percentile) — read the EPSS interpretation.

Affected products

Gnu Tar — versions 1.13.25
Redhat Enterprise_linux — versions 2.1, 3.0
Redhat Enterprise_linux_desktop — versions 3.0
Redhat Linux_advanced_workstation — versions 2.1
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

secalert@redhat.com (x_refsource_OVAL, signature, vdb-entry)
secalert@redhat.com (Patch, vdb-entry, x_refsource_BID)
secalert@redhat.com (vendor-advisory, x_refsource_SUSE, Vendor Advisory)
secalert@redhat.com (Patch, vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_FEDORA, vendor-advisory)

Frequently asked questions

What is CVE-2005-1918?: CVE-2005-1918 is a vulnerability in Gnu Tar, classified under Path Traversal. Published 2005-12-31.
Is CVE-2005-1918 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.