Executive Summary

Informations
Name CVE-2005-1229 First vendor Publication 2005-05-02
Vendor Cve Last vendor Modification 2013-09-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

Impacts Provides unauthorized access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1229

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2009-04-09Name : Mandriva Update for cpio MDKSA-2007:233 (cpio)
File : nvt/gb_mandriva_MDKSA_2007_233.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:03.cpio.asc)
File : nvt/freebsdsa_cpio.nasl
2008-01-17Name : Debian Security Advisory DSA 846-1 (cpio)
File : nvt/deb_846_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
17939cpio Traversal Arbitrary File Creation

Nessus® Vulnerability Scanner

DateDescription
2007-11-29Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2007-233.nasl - Type : ACT_GATHER_INFO
2006-01-15Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-189-1.nasl - Type : ACT_GATHER_INFO
2005-10-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-846.nasl - Type : ACT_GATHER_INFO
2005-07-12Name : The remote Mandrake Linux host is missing a security update.
File : mandrake_MDKSA-2005-116.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/13291
BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111403177526312&w=2
DEBIAN http://www.debian.org/security/2005/dsa-846
FREEBSD ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc
MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:233
OSVDB http://www.osvdb.org/17939
SCO ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.2/SCOSA-2006.2.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.32/SCOSA-2005.32.txt
SECUNIA http://secunia.com/advisories/16998
http://secunia.com/advisories/17123
http://secunia.com/advisories/18290
http://secunia.com/advisories/18395
http://secunia.com/advisories/20117
http://secunia.com/advisories/27857
SUSE http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html
UBUNTU http://www.ubuntu.com/usn/usn-189-1
XF http://xforce.iss.net/xforce/xfdb/20204

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 10:31:05
  • Multiple Updates
2013-09-13 13:19:47
  • Multiple Updates
2013-05-11 11:24:21
  • Multiple Updates