User: Password:
Subscribe / Log in / New account

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Fedora-Legacy FLSA:183571-1 tar 2006-04-04
Red Hat RHSA-2006:0195-01 tar 2006-02-21
Conectiva CLA-2002:538 tar unzip 2002-10-29
Mandrake MDKSA-2002:066 tar 2002-10-10
Mandrake MDKSA-2002:065 unzip 2002-10-10
EnGarde ESA-20021003-022 tar 2002-10-03
Gentoo unzip-20021001 unzip 2002-10-01
Gentoo tar-20021001 tar 2002-10-01
Red Hat RHSA-2002:096-24 unzip tar 2002-09-18

(Log in to post comments)

Not exactly news...

Posted Oct 2, 2002 21:45 UTC (Wed) by roelofs (guest, #2599) [Link]

The UnZip vulnerability was reported on Bugtraq more than a year ago and has been prominently displayed on the UnZip home page ever since then. UnZip 5.5, which fixes the bug, was released more than seven and a half months ago.

There are also a number of related (i.e., data-loss) bugs against various versions of Zip and UnZip listed on the Info-ZIP FAQ page.

Greg Roelofs

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds