Security Advisory

CVE-2005-1918

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-02-21 19:00:00

Last updated 2024-08-07 22:06:57

Assigner redhat

State PUBLISHED

Description

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".

← Browse all CVEs View on cve.org ↗