CVE-2005-2541

GNU Tar 1.15.1 - Privilege Escalation via Setuid/Setgid File Extraction

Title source: llm

Description

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=112327628230258&w=2

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E

Scores

EPSS 0.0376

EPSS Percentile 88.2%

Details

Status published

Products (1)

gnu/tar 1.15.1

Published Aug 10, 2005

Tracked Since Feb 18, 2026