The MITRE CVE dictionary describes this issue as:
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (tar)||RHSA-2006:0195||February 21, 2006|
|Red Hat Enterprise Linux version 3 (tar)||RHSA-2006:0195||February 21, 2006|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.