Download
| Alert*
oval:org.secpod.oval:def:605626
Etienne Stalmans discovered that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not validate filenames for traversal outside of the destination directory. An attacker can take advantage of this flaw for writing to arbitrary files to the filesystem if a malfo ... oval:org.secpod.oval:def:75868 Etienne Stalmans discovered that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not validate filenames for traversal outside of the destination directory. An attacker can take advantage of this flaw for writing to arbitrary files to the filesystem if a malfo ... oval:org.secpod.oval:def:706120 squashfs-tools: Tools to create and modify squashfs filesystems squashfs-tools could be made to overwrite files. oval:org.secpod.oval:def:75932 squashfs-tools: Tools to create and modify squashfs filesystems squashfs-tools could be made to overwrite files. oval:org.secpod.oval:def:120775 Squashfs is a highly compressed read-only filesystem for Linux. This package contains the utilities for manipulating squashfs filesystems. oval:org.secpod.oval:def:1701443 Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service via a crafted input, which triggers a stack-based buffer overflow. unsquash-1.c, unsquash-2.c, unsquash-3.c, and unsquash-4.c in Squashfs and sas ... oval:org.secpod.oval:def:120691 Squashfs is a highly compressed read-only filesystem for Linux. This package contains the utilities for manipulating squashfs filesystems. oval:org.secpod.oval:def:3301375 Security update for squashfs oval:org.secpod.oval:def:89051094 This update for squashfs fixes the following issues: * CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs- tools * CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination * CVE-2021-41072: Fixed an issue where an attacker m ... oval:org.secpod.oval:def:89051175 This update for squashfs fixes the following issues: * CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs- tools * CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination * CVE-2021-41072: Fixed an issue where an attacker m ... |