CVE-2007-4134

Impact:
Moderate
Public Date:
2007-08-21
Bugzilla:
253856: CVE-2007-4134 star directory traversal vulnerability

The MITRE CVE dictionary describes this issue as:

Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

Find out more about CVE-2007-4134 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (star) RHSA-2007:0873 2007-09-04
Red Hat Enterprise Linux 3 (star) RHSA-2007:0873 2007-09-04
Red Hat Enterprise Linux 4 (star) RHSA-2007:0873 2007-09-04

Acknowledgements

Red Hat would like to thank Robert Buchholz for reporting this issue.
Last Modified

CVE description copyright © 2017, The MITRE Corporation