Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1194

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2015-1194
Last Modified 23 Jan 2015 04:56:17
Published 21 Jan 2015 01:59:55
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-1194

Summary

pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.

Vulnerable Systems

Application

  • Pax Project Pax 1%3a20140703


References

MISC - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774716

MLIST - [oss-security] 20150118 Re: CVE request: pigz, kgb, pax: directory traversal


Last Updated: 27 May 2016 11:03:26