Bugtraq mailing list archives

Re: SECURITY.NNOV: directory traversal and path globing in multiple archivers


From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Mon, 16 Jul 2001 20:34:05 +0200 (MET DST)

On Thu, 12 Jul 2001, 3APA3A wrote:

GNU tar (all platforms):

 tar below 1.13.19, including the latest releases, has no ".." or
 absolute path protection. The tar development team was contacted. They
 replied that they're aware of the problem and the current development
 version 1.13.19 implements some kind of protection, but it doesn't work
 for most cases due to a bug in the coding. An exploitation scenario was
 passed back to the development team. I hope it will work when 1.13.19
 is finally released. See the attached patch (tar-1.13.19.patch).
 1.13.19 sources can be obtained from ftp://alpha.gnu.org/gnu/tar/

Please note that in a unix-like environment, one can also put a symlink
pointing "outside" into the archive and make tar follow that symlink
later.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
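As an added illustration of the three escape patterns raised in this thread (absolute paths, ".." components, and a symlink pointing outside that a later entry is written through), here is a Python checker that inspects an archive's member list before anything is extracted. It is not code from the thread or from GNU tar; the archive it scans is constructed in memory and all names and paths in it are made up.

```python
import io
import posixpath
import tarfile

def unsafe_members(tar):
    """Return [(name, reason)] for entries that would escape the extraction dir:
    absolute paths, '..' traversal, symlinks resolving outside the root, and
    later entries written through an earlier symlink (the thread's cases)."""
    findings, symlinks = [], set()
    for m in tar.getmembers():
        name = posixpath.normpath(m.name)
        if name.startswith("/") or name == ".." or name.startswith("../"):
            findings.append((m.name, "absolute path or '..' traversal"))
            continue
        if m.issym():  # symlink targets are relative to the entry's directory
            target = posixpath.normpath(posixpath.join(posixpath.dirname(name), m.linkname))
            if m.linkname.startswith("/") or target == ".." or target.startswith("../"):
                findings.append((m.name, "symlink target outside extraction root"))
            symlinks.add(name)
            continue
        parent = posixpath.dirname(name)
        while parent:  # conservative: flag any entry written through a symlink
            if parent in symlinks:
                findings.append((m.name, "path goes through symlink " + parent))
                break
            parent = posixpath.dirname(parent)
    return findings

def build_sample_archive():  # constructed in-memory sample, not a real archive
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add_file(name, data=b"x"):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        add_file("pkg/README")            # benign entry
        add_file("/tmp/absolute.txt")     # absolute path
        add_file("../outside.txt")        # '..' traversal
        link = tarfile.TarInfo("pkg/escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside_dir"  # symlink pointing outside the root
        tar.addfile(link)
        add_file("pkg/escape/file.txt")   # regular file written through the link
    buf.seek(0)
    return buf

def scan_sample():  # run the checker over the constructed archive
    with tarfile.open(fileobj=build_sample_archive(), mode="r") as tar:
        return unsafe_members(tar)
```

The check deliberately refuses any regular file whose path passes through an earlier symlink, even one that points inside the root, because a later archive entry can replace that link before the file is written.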
