LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > LinuxQuestions.org > Linux - News > Syndicated Linux News
User Name
Password
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.

Notices



Reply
 
Search this Thread
Old 11-28-2006, 06:54 AM   #1
LXer
LXer NewsBot
 
Registered: Dec 2005
Posts: 76,265

Rep: Reputation: 87
LXer: Gnu Tar "GNUTYPE_NAMES" Record Handling Directory Traversal ...


Published at LXer:

A vulnerability has been identified in GNU Tar, which could be exploited by malicious people to conduct directory traversal attacks. This flaw is due to errors in the "extract_archive()" and "extract_mangle()" functions when processing a "GNUTYPE_NAMES" record with a symbolic link, which could be exploited by attackers to overwrite arbitrary files by tricking a user into extracting a specially crafted archive.

Read More...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
"bad interpreter : no such file or directory" when configure "flex" acer_peri Linux - Software 10 11-10-2010 02:19 AM
LXer: The GNU "Lesser" General Public License gets some love LXer Syndicated Linux News 0 07-18-2006 06:54 PM
LXer: Title: GNU Binutils libbfd TekHex Record Handling Vulnerability LXer Syndicated Linux News 0 05-27-2006 09:54 AM
how do you install programs extracted from "tar.gz", "bz2", etc? shoelessworm Ubuntu 13 04-12-2006 03:24 PM
Can you explain the difference between "Free Software (GNU)" and "Open Source"? vharishankar General 5 03-03-2005 10:40 AM


All times are GMT -5. The time now is 12:07 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration