CVE-2005-1229

9 documents9 sources

Severity

4.6MEDIUM

EPSS

1.0%

top 23.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Cpio

Timeline

PublishedMay 2

Latest updateMay 3

Description

Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶Debiancpio< 2.6-6+3

▶NVDgnu/cpio2.6

🔴Vulnerability Details

GHSA

GHSA-g564-fjp3-fqpr: Directory traversal vulnerability in cpio 2↗2022-05-03

▶

OSV

CVE-2005-1229: Directory traversal vulnerability in cpio 2↗2005-05-02

▶

CVEList

CVE-2005-1229: Directory traversal vulnerability in cpio 2↗2005-04-22

▶

📋Vendor Advisories

BSD

FreeBSD-SA-06:03.cpio: Multiple vulnerabilities cpio↗2006-01-11

▶

Ubuntu

cpio vulnerabilities↗2005-09-29

▶

Red Hat

cpio directory traversal issue↗2005-04-20

▶

Debian

CVE-2005-1229: cpio - Directory traversal vulnerability in cpio 2.6 and earlier allows remote attacker...↗2005

▶

💬Community

Bugzilla

CVE-2005-1229 cpio directory traversal issue↗2005-04-28

▶