oss-sec mailing list archives
Re: CVE Request: cpio -- directory traversal
From: Lyndon Nerenberg <lyndon () orthanc ca>
Date: Thu, 15 Jan 2015 19:09:47 -0800
On Jan 15, 2015, at 6:44 PM, Alexander Cherepanov <ch3root () openwall com> wrote:
cpio is susceptible to a directory traversal vulnerability via symlinks.
This is not a bug. It's doing exactly what you asked of it.
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- CVE Request: cpio -- directory traversal Alexander Cherepanov (Jan 15)
- Re: CVE Request: cpio -- directory traversal Lyndon Nerenberg (Jan 15)
- Re: CVE Request: cpio -- directory traversal Alexander Cherepanov (Jan 15)
- Re: CVE Request: cpio -- directory traversal cve-assign (Jan 18)
- Re: CVE Request: cpio -- directory traversal Vitezslav Cizek (Feb 02)
- Re: CVE Request: cpio -- directory traversal Alexander Cherepanov (Feb 05)
- Re: CVE Request: cpio -- directory traversal Lyndon Nerenberg (Jan 15)