CVE Vulnerabilities

CVE-2005-2541

Published: Aug 10, 2005 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
7 MODERATE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Ubuntu

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Affected Software

Name Vendor Start Version End Version
Tar Gnu 1.15.1 (including) 1.15.1 (including)

References