Oval Definition:	oval:org.mitre.oval:tst:35142
Comment: tar is earlier than 2:1.15.1-23.0.1.el5 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:14170 State: oval:org.mitre.oval:ste:10450 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:10420 V Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. 2013-04-29
BACK