CVE-2001-1267

Name of the Vulnerable Software and Affected Versions GNU tar versions 1.13.19 and earlier Red Hat Linux (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the tar package, which can lead to the integrity of protected information being compromised. Exploitation of these vulnerabilities can be performed remotely. A directory traversal vulnerability in GNU tar allows local users to overwrite arbitrary files during archive extraction via a tar file with filenames containing .. (dot dot).

Recommendations For GNU tar versions 1.13.19 and earlier, consider restricting access to the archive extraction functionality until a patch is available. For Red Hat Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.