CVE-2011-5325

February 15, 2021

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

Summary:

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

Reference Links(if available):

  • https://bugzilla.redhat.com/show_bug.cgi?id=1274215
  • http://www.openwall.com/lists/oss-security/2015/10/21/7
  • https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html
  • https://usn.ubuntu.com/3935-1/
  • http://seclists.org/fulldisclosure/2019/Jun/18

    • CVSS Score (if available)

    v2: / MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N

    v3: / HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    CISA Logo

    CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

    April 19, 2024
    alerts

    Cryptographic Vulnerability in PuTTY

    April 19, 2024
    Basta

    Black Basta Ransomware Victim: fluenthome[.]com

    April 19, 2024
    Basta

    Black Basta Ransomware Victim: macphie[.]com

    April 19, 2024
    Basta

    Black Basta Ransomware Victim: columbiapipe[.]com

    April 19, 2024