CVE-1999-0202

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Jan 1, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-0202 is a vulnerability affecting the GNU tar command, specifically when used during FTP sessions. An attacker can exploit this issue to execute arbitrary commands on the affected system, posing a significant security risk. The vulnerability arises due to insufficient input validation, enabling attackers to inject malicious commands into the tar extraction process. This issue is particularly concerning in FTP sessions, where an attacker may not even need to gain initial access to the system, making it essential to apply relevant patches promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

University of Washington

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlQJF
https://www.cve.org/CVERecord?id=CVE-1999-0202
https://nvd.nist.gov/vuln/detail/CVE-1999-0202

Back to Vulnerability Database

CVE-1999-0202

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations