BugTraq
Directory traversal vulnerabilities in several archivers processing .tar Dec 16 2002 11:40PM
Florian Schafferhans (fs computer-security de) (2 replies)
RE: Directory traversal vulnerabilities in several archivers processing .tar Dec 18 2002 05:18AM
Andrew Kopp (drewk nexed net) (2 replies)
RE: Directory traversal vulnerabilities in several archivers processing .tar Dec 20 2002 02:36PM
konto mailingowe (maillists black punkt pl)
Re: Directory traversal vulnerabilities in several archivers processing .tar Dec 19 2002 07:35PM
Stephen Samuel (samuel bcgreen com)
Re: Directory traversal vulnerabilities in several archivers processing .tar Dec 17 2002 05:54PM
der Mouse (mouse Rodents Montreal QC CA)
> [...how tarfile readers don't check for .. components...]

> Affected
> [long list]

Not affected: my tar, when run with the appropriate option to make it
paranoid about extraction. (With the option set, it refuses to extract
anything that would be placed anywhere not under the current
directory. At least it's supposed to, and as far as I know it does.)

/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse (at) rodents.montreal.qc (dot) ca [email concealed]
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus