Mandrake Linux Security Advisory : tar (MDKSA-2002:066)
Medium Nessus Plugin ID 13967
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA directory traversal vulnerability was discovered in GNU tar version 1.13.25 and earlier that allows attackers to overwrite arbitrary files during extraction of the archive by using a '..' (dot dot) in an extracted filename.
SolutionUpdate the affected tar package.