Directory traversal and absolute path in multiple archivers updated since 11.07.2001
| Published: |  | 27.08.2007 |
| Source: |  | 3APA3A |
| SecurityVulns ID: |  | 1320 |
| Type: |  | client |
| Level: |  | 5/10 |
| Description: |  | Directory traversal and absolute paths in archive entries allow any file to be overwritten during archive extraction. |
| Affected: |  | GNU : tar 1.13 |
| |  | INFOZIP : UnZip 5.42 |
| |  | SPEEDPROJECT : SpeedCommander 8.1 |
| |  | SPEEDPROJECT : SpeedCommander 9.0 |
| |  | GAMESPY : Arcade |
| |  | DZIP : dzip 2.9 |
| |  | TUGZIP : TUGZip 3.4 |
| |  | SPEEDCOMMANDER : SpeedCommander 11.0 |
| |  | PEAR : Archive_Tar 1.2 |
| |  | WINACE : WinAce 2.6 |
| |  | STUFFIT : ZipMagic 9.0 |
| |  | ZIPSTAR : ZipStar 5.1 |
| |  | UNALZ : unalz 0.53 |
| |  | WINHKI : WinHKI 1.6 |
| |  | STUFFIT : StuffIt 9.0 |
| |  | SQUEEZ : Squeez 5.1 |
| |  | BITZIPPER : BitZipper 4.1 |
| |  | MIMARSINAN : CompreXX 4.1 |
| |  | ACUBIX : PicoZip 4.02 |
| |  | ARCHIVEXPERT : ArchiveXpert 2.02 |
| |  | SUN : JDK 1.5 |
| |  | RARSOFT : WinRAR 3.42 |
| |  | UNACE : unace 1.2 |
| |  | CABEXTRACT : cabextract 0.2 |
| |  | MICROSOFT : CabArc |
| |  | UNZOO : unzoo 4.4 |
| |  | STAR : star 1.5 |
| |  | KGB Archiver 1.1 |
| |  | RARSOFT : rar 2.02 |
| |  | PKWARE : pkzip 4.00 |
| |  | ZIPGENIUS : ZipGenius 5.5 |
| |  | SUN : JDK 1.4 |
| |  | GNU : cpio 2.5 |
| |  | WINZIP : WinZip 8.1 |
| |  | PKWARE : PKZip 5.00 |
| |  | ALADDIN : ZipMagic 4.0 |
| |  | RARSOFT : WinRAR 3.00 |
| |  | SPEEDPROJECT : Squeez 4.0 |
| |  | SPEEDPROJECT : Squeez 4.1 |
| CVE: |  | CVE-2007-4134 (Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.) |
| |  | CVE-2007-4131 (Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.) |
| |  | CVE-2007-2058 (Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the file path in an (1) GZ, (2) TAR, (3) RAR, (4) JAR, or (5) ZIP archive.) |
| |  | CVE-2007-2012 (Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .rar, (2) .jar or (3) .zip archive.) |
| |  | CVE-2007-1954 (Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .gz, (2) .jar, (3) .rar, (4) .tar.gz, (5) .zip, or (6) .tar file.) |
| |  | CVE-2002-0399 (Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.) |
| |  | CVE-2001-1267 (Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).) |
| Original document |  | RPATH, rPSA-2007-0172-1 tar (27.08.2007) |
| |  | h e, BitZipper Archive Extraction Directory traversal (23.05.2006) |
| |  | h e, TUGZip Archive Extraction Directory traversal (10.04.2006) |
| |  | SECUNIA, [SA19511] KGB Archiver Directory Traversal Vulnerability (04.04.2006) |
| |  | SECUNIA, [SA19296] WinHKI Multiple Archive Directory Traversal Vulnerability (20.03.2006) |
| |  | SECUNIA, Secunia Research: unalz Filename Handling Directory Traversal Vulnerability (13.03.2006) |
| |  | h e, SpeedCommander 11.0 & ZipStar 5.1 & Squeez 5.1 Directory traversal (25.02.2006) |
| |  | h e, StuffIt and ZipMagic Family of products Directory traversal (25.02.2006) |
| |  | h e, WinAce Archiver v2.6 Directory traversal (25.02.2006) |
| |  | h e, Archive_Tar v 1.2(Tested) (Tar file management class) Directory traversal (25.02.2006) |
| |  | SUN, [SA14902] Sun Java JDK/SDK Jar Directory Traversal Vulnerability (11.04.2005) |
| |  | Härnhammar, Ulf, [Full-Disclosure] unace-1.2b multiple buffer overflows and directory traversal bugs (24.02.2005) |
| |  | Ripe, 7a69Adv#21 - WinRAR unpack one-folder path disclosure (04.02.2005) |
| |  | Ripe, 7a69Adv#19 - ZipGenius unpack path disclosure (04.02.2005) |
| |  | DEBIAN, [SECURITY] [DSA 574-1] New cabextract packages fix unintended directory traversal (30.10.2004) |
| |  | doubles_(at)_hush.com, [Full-Disclosure] unzoo 4.4 directory travels (14.10.2004) |
| |  | jelmer, Microsoft cabarc directory traversal (13.10.2004) |
| |  | doubles_(at)_hush.com, [Full-Disclosure] unarj dir-transversal bug (../../../..) (11.10.2004) |
| |  | Mike Kristovich, GameSpy Arcade Arbitrary File Writing Vulnerability (31.07.2003) |
| |  | Florian Schafferhans, Directory traversal vulnerabilities in several archivers processing .tar (17.12.2002) |
| |  | 3APA3A, SECURITY.NNOV: directory traversal and path globbing in multiple archivers (11.07.2001) |