================================
cpio directory traversal vulnerability
================================

Software: cpio
Version: cpio 2.6
Software URL: <http://www.gnu.org/software/cpio/>
Platform: Unix, Linux.
Vulnerability type: Input validation
Severity: Medium, local vuln. Can result in privilege escalation.

Vulnerable software
====================
cpio 2.6 and previous versions running on Unix.

Vulnerability
==============
There is a vulnerability in cpio that allows a malicious cpio file to extract to an arbitrary directory of the attacker's choice. cpio will extract to the path specified in the cpio file; this path can be absolute.

This vulnerability can be used to make the cpio file extract to a directory which the attacker has write access to. It can then be used in combination with the cpio TOCTOU file-permissions vulnerability (CAN-2005-1111, Bugtraq #13159) to change the permissions on arbitrary files belonging to the user.

Fix
========
None available at the present time.