forwarded 642028 http://code.google.com/p/theunarchiver/issues/detail?id=392
thanks
Hi Jakub,

On Sun, Sep 18, 2011 at 07:28:56PM +0200, Jakub Wilk wrote:
> theunarchiver is affected by a directory traversal vulnerability. It
> can be tricked by a specially crafted .tar file to unpack stuff into
> an arbitrary directory.
>
> Proof of concept:
>
> $ ls -l /tmp/punt
> /bin/ls: cannot access /tmp/punt: No such file or directory
>
> $ pwd
> /home/jwilk/traversal-test
>
> $ unar traversal.tar.gz
> Extracting traversal.tar.gz...
> traversal.tar (?)...
> root (link)... Failed! (Unknown error)
> root (dir)... OK.
> root/tmp (dir)... OK.
> root/tmp/punt (0)... OK.
> Failed! (Unknown error)
>
> $ ls -l /tmp/punt
> -rw-r--r-- 1 jwilk users 0 Sep 18 17:00 /tmp/punt

Thank you for reporting this problem. I've forwarded it upstream.

-- 
Matt Kraai
https://ftbfs.org/kraai
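
The listing in the report shows a link member named `root` followed by members stored beneath `root/`. The following is an added example, not part of the original message and not The Unarchiver's code: a pre-extraction check that rejects such members. The function names `unsafe_members` and `scan_sample` are hypothetical, the sample archive is constructed in memory, and the link target `/` is an assumption, since the report does not state it.

```python
import io
import posixpath
import tarfile

def unsafe_members(tar):
    """Return (name, reason) pairs for members that could write outside the target."""
    links, findings = set(), []
    for m in tar:
        name = posixpath.normpath(m.name)
        parts = name.split("/")
        if name.startswith("/") or parts[0] == "..":
            findings.append((m.name, "path escapes destination"))
            continue
        # A parent component created earlier as a link redirects the write.
        prefixes = ("/".join(parts[:i]) for i in range(1, len(parts)))
        via = next((p for p in prefixes if p in links), None)
        if via is not None:
            findings.append((m.name, f"passes through link member {via!r}"))
            continue
        if m.issym() or m.islnk():
            links.add(name)
            # Symlink targets resolve from the member's directory, hard links from the root.
            base = posixpath.dirname(name) if m.issym() else ""
            target = posixpath.normpath(posixpath.join(base, m.linkname))
            if target.startswith("/") or target.split("/")[0] == "..":
                findings.append((m.name, f"link target {m.linkname!r} leaves destination"))
    return findings

def scan_sample():
    """Build a constructed in-memory archive shaped like the unar listing and scan it."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as out:
        for name, kind, target in (
            ("root", tarfile.SYMTYPE, "/"),  # assumed target; the report does not state it
            ("root", tarfile.DIRTYPE, ""),
            ("root/tmp", tarfile.DIRTYPE, ""),
            ("root/tmp/punt", tarfile.REGTYPE, ""),
            ("docs/readme.txt", tarfile.REGTYPE, ""),  # benign control entry
        ):
            info = tarfile.TarInfo(name)
            info.type, info.linkname = kind, target
            out.addfile(info)
    buf.seek(0)
    with tarfile.open(fileobj=buf) as tar:
        return unsafe_members(tar)

if __name__ == "__main__":
    for name, reason in scan_sample():
        print(f"REJECT {name}: {reason}")
```

An extractor applying this check would refuse the link and every member routed through it before touching the filesystem, while the control entry passes.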