CVE-2002-0178

Name of the Vulnerable Software and Affected Versions sharutils versions prior to 4.2.1

Description The issue concerns the uudecode function in the sharutils package, which fails to check if the filename of the uudecoded file is a pipe or symbolic link. This could allow attackers to overwrite files or execute commands, potentially leading to a breach of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out locally.

Recommendations For versions prior to 4.2.1, update to version 4.2.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the uudecode function to minimize the risk of exploitation.