LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

tar: symlink path traversal vulnerability

Package(s):tar CVE #(s):CVE-2007-4131
Created:August 23, 2007 Updated:December 28, 2007
Description: The tar utility has a symlink path traversal vulnerability involving extracted archives. Maliciously created tar archives can be used to write arbitrary data to files that the tar user has write access to.
Alerts:
Debian DSA-1438-1 2007-12-28
Gentoo 200709-09 2007-09-15
Mandriva MDKSA-2007:173 2007-09-04
Fedora FEDORA-2007-683 2007-08-30
SuSE SUSE-SR:2007:018 2007-08-31
Fedora FEDORA-2007-1890 2007-08-29
Ubuntu USN-506-1 2007-08-28
rPath rPSA-2007-0172-1 2007-08-25
Foresight FLEA-2007-0049-1 2007-08-27
Red Hat RHSA-2007:0860-01 2007-08-23
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds