Redhat » Enterprise Linux Desktop : Security Vulnerabilities, CVEs, Published In 2005 (Directory traversal)
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
Max CVSS
2.6
EPSS Score
0.11%
Published
2005-12-31
Updated
2018-10-19
1 vulnerabilities found