CVE-2011-5325

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

Reference Links(if available):

  • https://bugzilla.redhat.com/show_bug.cgi?id=1274215
  • http://www.openwall.com/lists/oss-security/2015/10/21/7
  • https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html
  • https://usn.ubuntu.com/3935-1/
  • http://seclists.org/fulldisclosure/2019/Jun/18
  • CVSS Score (if available)

    v2: / MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N

    v3: / HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

    Links to Exploits(if available)