CVE-2005-0990

Name of the Vulnerable Software and Affected Versions sharutils version 4.2.1

Description The issue affects the sharutils package in Red Hat Enterprise Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. Specifically, the unshar function in unshar.c allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file.

Recommendations For sharutils version 4.2.1, consider restricting access to the unshar function until a patch is available. As a temporary workaround, avoid using the unshar function to minimize the risk of exploitation.