Displaying 2 results from an estimated 2 matches for "gnutype_nam".
Did you mean:
gnutype_names
2006 Dec 06
0
FreeBSD Security Advisory FreeBSD-SA-06:26.gtar
...ecurity.FreeBSD.org/>.
I. Background
GNU tar (gtar) is a utility to create and extract "tape archives",
commonly known as tar files. GNU tar is included in FreeBSD 4.x as
/usr/bin/tar, and in FreeBSD 5.x as /usr/bin/gtar.
II. Problem Description
Symlinks created using the "GNUTYPE_NAMES" tar extension can be
absolute due to lack of proper sanity checks.
III. Impact
If an attacker can get a user to extract a specially crafted tar
archive the attacker can overwrite arbitrary files with the
permissions of the user running gtar. If file system permissions
allow it, this may...
2006 Dec 06
0
FreeBSD Security Advisory FreeBSD-SA-06:26.gtar
...ecurity.FreeBSD.org/>.
I. Background
GNU tar (gtar) is a utility to create and extract "tape archives",
commonly known as tar files. GNU tar is included in FreeBSD 4.x as
/usr/bin/tar, and in FreeBSD 5.x as /usr/bin/gtar.
II. Problem Description
Symlinks created using the "GNUTYPE_NAMES" tar extension can be
absolute due to lack of proper sanity checks.
III. Impact
If an attacker can get a user to extract a specially crafted tar
archive the attacker can overwrite arbitrary files with the
permissions of the user running gtar. If file system permissions
allow it, this may...