Описание
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tar | unfixed | package |
Примечания
This is intended behaviour, after all tar is an archiving tool and you
need to give -p as a command line flag
EPSS
Процентиль: 81%
0.0153
Низкий
Связанные уязвимости
CVSS3: 7
redhat
больше 20 лет назад
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
nvd
больше 20 лет назад
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
github
больше 3 лет назад
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
EPSS
Процентиль: 81%
0.0153
Низкий