CVE-2002-0399

CVSS 5.0 - MEDIUM
Description

Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.

Affected Products
1
Vendor Product Version
gnu tar 1.13.25
References
http://distro.conectiva.com.br/atualizacoes/?id=a&...
http://marc.info/?l=bugtraq&m=103419290219680&w=2
http://secunia.com/advisories/19130
http://secunia.com/advisories/26604
http://secunia.com/advisories/26673
http://secunia.com/advisories/26987
http://sunsolve.sun.com/search/document.do?assetke...
http://sunsolve.sun.com/search/document.do?assetke...
http://www.iss.net/security_center/static/10224.ph...
http://www.linuxsecurity.com/advisories/other_advi...
http://www.mandriva.com/security/advisories?name=M...
http://www.novell.com/linux/security/advisories/20...
http://www.novell.com/linux/security/advisories/20...
http://www.redhat.com/support/errata/RHSA-2002-096...
http://www.securityfocus.com/archive/1/477731/100/...
http://www.securityfocus.com/archive/1/477865/100/...
http://www.securityfocus.com/bid/5834
https://issues.rpath.com/browse/RPL-1631
http://distro.conectiva.com.br/atualizacoes/?id=a&...
http://marc.info/?l=bugtraq&m=103419290219680&w=2
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2002-0399
Published:
2002-10-10
Modified:
2026-04-16
CVSS Score:
5.0
Severity:
MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Vendors
gnu
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL