bug-cpio
[
Top
][
All Lists
]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][
Date Index
][
Thread Index
]
cpiosymlink
From
:
Yiğit Can Yılmaz
Subject
:
cpiosymlink
Date
:
Wed, 2 Dec 2020 21:17:39 +0300
Summary:
A malicious file may be able to overwrite arbitrary files
Steps to reproduce:
1- Download "dirsymlink.cpio" (
https://we.tl/t-Bmd532dZyx
)
2- Extract it with "cpio -i < dirsymlink.cpio" command
Proof of concept:
dirsymlink.mp4
Tested on :
Ubuntu 20.10
cpio 2.13
dirsymlink.mp4
Description:
video/mp4
reply via email to
[Prev in Thread]
Current Thread
[Next in Thread]
cpiosymlink
,
Yiğit Can Yılmaz
<=
Index(es):
Date
Thread
dirsymlink.mp4
dirsymlink.mp4