Executive Summary

Informations
NameCVE-2005-1229First vendor Publication2005-05-02
VendorCveLast vendor Modification2013-09-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score4.6Attack RangeLocal
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides unauthorized access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1229

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2009-04-09Name : Mandriva Update for cpio MDKSA-2007:233 (cpio)
File : nvt/gb_mandriva_MDKSA_2007_233.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:03.cpio.asc)
File : nvt/freebsdsa_cpio.nasl
2008-01-17Name : Debian Security Advisory DSA 846-1 (cpio)
File : nvt/deb_846_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
17939cpio Traversal Arbitrary File Creation

Nessus® Vulnerability Scanner

DateDescription
2007-11-29Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2007-233.nasl - Type : ACT_GATHER_INFO
2006-01-15Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-189-1.nasl - Type : ACT_GATHER_INFO
2005-10-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-846.nasl - Type : ACT_GATHER_INFO
2005-07-12Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2005-116.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/13291
BUGTRAQhttp://marc.theaimsgroup.com/?l=bugtraq&m=111403177526312&w=2
DEBIANhttp://www.debian.org/security/2005/dsa-846
FREEBSDftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:233
OSVDBhttp://www.osvdb.org/17939
SCOftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.2/SCOSA-2006.2.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.32/SCOSA-2005.32.txt
SECUNIAhttp://secunia.com/advisories/16998
http://secunia.com/advisories/17123
http://secunia.com/advisories/18290
http://secunia.com/advisories/18395
http://secunia.com/advisories/20117
http://secunia.com/advisories/27857
SUSEhttp://lists.suse.com/archive/suse-security-announce/2006-May/0004.html
UBUNTUhttp://www.ubuntu.com/usn/usn-189-1
XFhttp://xforce.iss.net/xforce/xfdb/20204

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 10:31:05
  • Multiple Updates
2013-09-13 13:19:47
  • Multiple Updates
2013-05-11 11:24:21
  • Multiple Updates