GNU : Security Vulnerabilities, CVEs, Published In 2005 (Directory traversal) CVSS score >= 1
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".
Max CVSS
6.4
EPSS Score
0.42%
Published
2005-11-18
Updated
2011-10-18
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
Max CVSS
5.0
EPSS Score
0.75%
Published
2005-10-30
Updated
2011-03-08
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
Max CVSS
2.6
EPSS Score
0.11%
Published
2005-12-31
Updated
2018-10-19
Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.
Max CVSS
4.6
EPSS Score
0.26%
Published
2005-05-02
Updated
2017-07-11
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Max CVSS
5.0
EPSS Score
0.84%
Published
2005-05-02
Updated
2017-10-11
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
Max CVSS
5.0
EPSS Score
0.85%
Published
2005-05-02
Updated
2017-10-11
6 vulnerabilities found