oss-sec mailing list archives
Re: CVE Request: cpio -- directory traversal
From: Alexander Cherepanov <ch3root () openwall com>
Date: Fri, 16 Jan 2015 07:31:25 +0300
On 2015-01-16 06:09, Lyndon Nerenberg wrote:
> On Jan 15, 2015, at 6:44 PM, Alexander Cherepanov wrote:
>> cpio is susceptible to a directory traversal vulnerability via symlinks.
> This is not a bug. It's doing exactly what you asked of it.
Could you please elaborate? Citing my email to upstream: "--no-absolute-filenames option seems to be intended to limit extracting contents of an archive to be strictly inside a current directory (it guards against both absolute paths and relative paths with .. in them). However it can be bypassed with symlinks [extracted from the archive]."
-- Alexander Cherepanov
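
The gap described in the message above, modelled as a pre-extraction check over an archive listing. This is an added example, not part of the original post and not cpio's code; the tuple model, `check_members` and the sample listing are hypothetical and constructed for illustration.

```python
# Added illustration: models archive members as (name, kind, link_target)
# tuples in archive order. The model and all names here are hypothetical.
FILE, DIR, SYMLINK = "file", "dir", "symlink"


def check_members(entries):
    """Return (name, reason) for members that may land outside the target dir."""
    symlinks = set()  # normalized paths created as symlinks by earlier members
    findings = []
    for name, kind, _target in entries:
        # The two string checks the message attributes to --no-absolute-filenames.
        if name.startswith("/"):
            findings.append((name, "absolute path"))
            continue
        parts = [p for p in name.split("/") if p not in ("", ".")]
        if ".." in parts:
            findings.append((name, "'..' component"))
            continue
        # The missing check: a parent component that an earlier member of the
        # same archive created as a symlink. Flagged regardless of where the
        # link points, which is stricter than resolving the target.
        via = None
        for i in range(1, len(parts)):
            prefix = "/".join(parts[:i])
            if prefix in symlinks:
                via = prefix
                break
        if via is not None:
            findings.append((name, "parent '%s' is a symlink from the archive" % via))
            continue
        if kind == SYMLINK:
            symlinks.add("/".join(parts))
    return findings


# Constructed listing, not taken from any real archive.
SAMPLE = [
    ("docs", DIR, None),
    ("docs/readme.txt", FILE, None),
    ("out", SYMLINK, "/some/other/dir"),
    ("./out/note.txt", FILE, None),
    ("../escape.txt", FILE, None),
    ("/abs/file.txt", FILE, None),
]

if __name__ == "__main__":
    for name, reason in check_members(SAMPLE):
        print("%-16s %s" % (name, reason))
```

The fourth member contains neither a leading `/` nor a `..` component, so a filter that only inspects the path string accepts it; only tracking links created during the same extraction catches it.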