Bugtraq mailing list archives
Re: SECURITY.NNOV: directory traversal and path globing in multiple archivers
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Mon, 16 Jul 2001 20:34:05 +0200 (MET DST)
On Thu, 12 Jul 2001, 3APA3A wrote:
> GNU tar (all platforms): tar below 1.13.19 including latest releases has no ".." or absolute path protection. Tar development team was contacted. They replied they're aware of the problem and current development version 1.13.19 implements some kind of protection but it doesn't work for most cases due to a bug in coding. Exploitation scenario was passed back to development team. I hope it will work when 1.13.19 will be finally released. See attached patch (tar-1.13.19.patch). 1.13.19 sources can be obtained from ftp://alpha.gnu.org/gnu/tar/
Please note that in a unix-like environment, one can also put a symlink pointing "outside" into the archive and make tar follow that symlink later.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
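An added example, not part of the original post or of GNU tar: a pre-extraction check that covers the ".." and absolute-path cases from the quoted advisory as well as the symlink case raised in the reply. It assumes member metadata is available as Python `tarfile.TarInfo` objects; `escapes_root`, `audit_members`, `_entry` and the sample listing are hypothetical names and constructed data.

```python
import posixpath
import tarfile

def escapes_root(path):
    """True if path is absolute or lexically climbs above the extraction root."""
    norm = posixpath.normpath(path)
    return posixpath.isabs(path) or norm == ".." or norm.startswith("../")

def audit_members(members):
    """Return (name, reason) for each member that is unsafe to extract as-is."""
    findings, symlinks = [], set()
    for m in members:
        name = posixpath.normpath(m.name)
        parts = name.split("/")
        parents = {"/".join(parts[:i]) for i in range(1, len(parts))}
        if escapes_root(m.name):
            findings.append((m.name, "path leaves extraction root"))
        elif parents & symlinks:
            # Conservative policy: never write through a link the archive created.
            findings.append((m.name, "extracted through archived symlink"))
        elif m.issym():
            # Symlink targets resolve relative to the link's own directory.
            target = posixpath.join(posixpath.dirname(name), m.linkname)
            if escapes_root(target):
                findings.append((m.name, "symlink target leaves extraction root"))
            symlinks.add(name)
        elif m.islnk() and escapes_root(m.linkname):
            # Hard-link targets are named relative to the archive root.
            findings.append((m.name, "hard link target leaves extraction root"))
    return findings

def _entry(name, kind=tarfile.REGTYPE, linkname=""):
    """Build a constructed TarInfo record (no archive file is involved)."""
    info = tarfile.TarInfo(name)
    info.type, info.linkname = kind, linkname
    return info

# Constructed sample listing, in archive order.
SAMPLE = [
    _entry("docs/readme.txt"),
    _entry("../outside.txt"),
    _entry("/abs/file"),
    _entry("docs/cache", tarfile.SYMTYPE, "../../elsewhere"),
    _entry("docs/cache/data.bin"),
    _entry("docs/latest", tarfile.SYMTYPE, "readme.txt"),
]

if __name__ == "__main__":
    for name, reason in audit_members(SAMPLE):
        print(f"REFUSE {name}: {reason}")
```

The same function accepts the result of `tarfile.open(...).getmembers()`, so a listing can be audited before anything is written to disk.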