Описание
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.160-0ubuntu3 |
| esm-infra-legacy/trusty | released | 0.158-0ubuntu5.2 |
| lucid | released | 0.143-1ubuntu0.1 |
| precise | released | 0.152-1ubuntu3.1 |
| trusty | released | 0.158-0ubuntu5.2 |
| trusty/esm | released | 0.158-0ubuntu5.2 |
| upstream | released | 0.159-4.1 |
| utopic | released | 0.160-0ubuntu2.1 |
Показывать по
Ссылки на источники
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.
Directory traversal vulnerability in the read_long_names function in l ...
EPSS
6.4 Medium
CVSS2