Executive Summary

Informations
NameCVE-2005-1229First vendor Publication2005-05-02
VendorCveLast vendor Modification2016-10-17

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score4.6Attack RangeLocal
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides unauthorized access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1229

CPE : Common Platform Enumeration

TypeDescriptionCount
Application9

OpenVAS Exploits

DateDescription
2009-04-09Name : Mandriva Update for cpio MDKSA-2007:233 (cpio)
File : nvt/gb_mandriva_MDKSA_2007_233.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:03.cpio.asc)
File : nvt/freebsdsa_cpio.nasl
2008-01-17Name : Debian Security Advisory DSA 846-1 (cpio)
File : nvt/deb_846_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
17939cpio Traversal Arbitrary File Creation

Nessus® Vulnerability Scanner

DateDescription
2007-11-29Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2007-233.nasl - Type : ACT_GATHER_INFO
2006-01-15Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-189-1.nasl - Type : ACT_GATHER_INFO
2005-10-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-846.nasl - Type : ACT_GATHER_INFO
2005-07-12Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2005-116.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/13291
BUGTRAQ http://marc.info/?l=bugtraq&m=111403177526312&w=2
DEBIAN http://www.debian.org/security/2005/dsa-846
FREEBSD ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc
MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:233
SCO ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.2/SCOSA-2006.2.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.32/SCOSA-2005.32.txt
SUSE http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html
UBUNTU http://www.ubuntu.com/usn/usn-189-1
XF http://xforce.iss.net/xforce/xfdb/20204

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2016-10-18 12:01:39
  • Multiple Updates
2016-06-28 15:16:35
  • Multiple Updates
2016-04-26 13:26:39
  • Multiple Updates
2014-02-17 10:31:05
  • Multiple Updates
2013-09-13 13:19:47
  • Multiple Updates
2013-05-11 11:24:21
  • Multiple Updates