Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200504-06
https://security.gentoo.org/
Severity: Normal
Title: sharutils: Insecure temporary file creation
Date: April 06, 2005
Bugs: #87939
ID: 200504-06
Synopsis
=======
The unshar utility is vulnerable to symlink attacks, potentially
allowing a local user to overwrite arbitrary files.
Background
=========
sharutils is a collection of tools to deal with shar archives.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-arch/sharutils < 4.2.1-r11 >= 4.2.1-r11
==========
Joey Hess has discovered that the program unshar, which is a part of
sharutils, creates temporary files in a world-writable directory with
predictable na...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.