Описание
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.26-2ubuntu0.1 |
| devel | DNE | |
| edgy | ignored | end of life, was needs-triage |
| feisty | ignored | end of life, was needs-triage |
| gutsy | released | 1.31-1ubuntu0.1 |
| hardy | released | 1.36-1ubuntu0.1 |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | not-affected | 5.10.0-19ubuntu1 |
| feisty | not-affected | |
| gutsy | not-affected | |
| hardy | not-affected | |
| intrepid | released | 5.10.0-11.1ubuntu2.2 |
| upstream | needs-triage |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 ...
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
ELSA-2010-0505: perl-Archive-Tar security update (MODERATE)
6.8 Medium
CVSS2