SerenityOS/serenity

unzip: Directory traversal vulnerability may lead to command execution / privilege escalation

4 years ago

👍

Same issue as #3991 in tar.

This could also be used to gain command execution on the host, or elevate privileges to the anon user from a lower privileged user, in the event that anon extracts a malicious tar file.

Command execution via /etc/shellrc (as root) or /home/anon/.config/Terminal.ini (as anon).

SerenityOS / serenity

The Serenity Operating System 🐞

30.6k

Contributors get 100% of received funds after fees

How does funding with Polar work?

Pay now to fund the work behind this issue.

Get updates on progress being made.

Maintainer is rewarded once the issue is completed.

FAQ

Backer

You're funding impactful open source efforts

Contributor

You want to contribute to this effort

Maintainer

You want to get funding like this too

SerenityOS/serenity

unzip: Directory traversal vulnerability may lead to command execution / privilege escalation

How does funding with Polar work?

Backer

Why does "Fund on completion" require GitHub login?

When is the invoice due for "Fund on completion"?

What happens if the issue is never completed?

Do I get any extra benefits by funding?

Do I get progress updates?

Contributor

Do I get a reward?

Is rewards guaranteed?

Maintainer

How can I get funding like this for my open source initiatives?