PT-2003-1172 · Mpack · Mpack

Publicado

2003-04-11

Atualizado

2008-09-05

CVE-2002-1425

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions mpack versions 1.5 and earlier

Description A directory traversal issue exists, allowing remote attackers to create new files in the parent directory by using a ../ (dot-dot) sequence in the filename to be extracted.

Recommendations For mpack versions 1.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-1425

DSA-141

Produtos afetados

Mpack

PT-2003-1172 · Mpack · Mpack

CVE-2002-1425

Identificadores relacionados

Produtos afetados

Referências · 7