pentagrid,

Today we published an advisory for Busybox cpio. When extracting cpio archives with BusyBox cpio, the cpio archiving tools may write files outside the destination directory and there is no option to prevent this.

Full advisory: https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability

ljrk,
@ljrk@todon.eu avatar

@pentagrid Ah, busybox, a sure-fire source of old-school bugs :3

  • All
  • Subscribed
  • Moderated
  • Favorites
  • infosec
  • DreamBathrooms
  • InstantRegret
  • ethstaker
  • magazineikmin
  • GTA5RPClips
  • rosin
  • modclub
  • Youngstown
  • ngwrru68w68
  • slotface
  • osvaldo12
  • kavyap
  • mdbf
  • thenastyranch
  • JUstTest
  • everett
  • cubers
  • cisconetworking
  • normalnudes
  • Durango
  • anitta
  • khanakhh
  • tacticalgear
  • tester
  • provamag3
  • megavids
  • Leos
  • lostlight
  • All magazines