Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enterprise_linux | Redhat | 4.0 | 4.0 |
Enterprise_linux | Redhat | 4.0 | 4.0 |
Enterprise_linux | Redhat | 4.0 | 4.0 |
Enterprise_linux | Redhat | 4.0 | 4.0 |
Enterprise_linux | Redhat | 5.0 | 5.0 |
Enterprise_linux_desktop | Redhat | 5.0 | 5.0 |
Rpath_linux | Rpath | 1 | 1 |