Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200612-10 Normal: Tar Directory Traversal Threat

gentoo
Calendar Grey December 11, 2006
Dist Gentoo Esm H88
Gentoo GLSA 202302-15 outlines a moderate severity path traversal vulnerability in the Tar utility, which has the potential to lead to file corruption.
Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.

Summary

Gentoo Linux Security Advisory GLSA 200612-10 https://security.gentoo.org/ Severity: Normal Title: Tar: Directory traversal vulnerability Date: December 11, 2006 Bugs: #155901 ID: 200612-10

Synopsis ======= Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.
Background ========= The Tar program provides the ability to create and manipulate tar archives.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-arch/tar < 1.16-r2 >= 1.16-r2
========== Tar does not properly extract archive elements using the GNUTYPE_NAMES record name, allowing files to be created at arbitrary locations using symlinks. Once a symlin...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Gentoo security issue directory traversal file overwrite tar normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo security issue directory traversal file overwrite tar normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here