Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD72EE9707-D7B2-11E4-8D8E-F8B156B6DCC8
HistoryMar 27, 2015 - 12:00 a.m.

cpio -- multiple vulnerabilities

2015-03-2700:00:00
vuxml.freebsd.org
16

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.016

Percentile

87.6%

JSON

From the Debian Security Team:

Heap-based buffer overflow in the process_copy_in
function in GNU Cpio 2.11 allows remote attackers to cause
a denial of service via a large block value in a cpio
archive.

cpio 2.11, when using the --no-absolute-filenames
option, allows local users to write to arbitrary files
via a symlink attack on a file in an archive.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchgcpio< 2.11_3UNKNOWN

Related

nessus 41
gentoo 1
openvas 24
prion 3
debian 3
mageia 3
oraclelinux 1
redhat 1
fedora 2
securityvulns 4
debiancve 3
cve 4
ubuntucve 3
cvelist 3
nvd 4
centos 1
archlinux 2
ibm 1
alpinelinux 1
amazon 2
ubuntu 2
redhatcve 2
vulnrichment 1
securelist 1
packetstorm 1
zdt 1
metasploit 1
thn 1
osv 2
freebsd 1
attackerkb 1
rapid7blog 1
nessus
nessus
GLSA-201502-11 : GNU cpio: Multiple vulnerabilities
2015-02-16 00:00:00
Mandriva Linux Security Advisory : cpio (MDVSA-2015:065)
2015-03-30 00:00:00
FreeBSD : cpio -- multiple vulnerabilities (72ee9707-d7b2-11e4-8d8e-f8b156b6dcc8)
2015-04-01 00:00:00
gentoo
gentoo
GNU cpio: Multiple vulnerabilities
2015-02-15 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201502-11
2015-09-29 00:00:00
Debian: Security Advisory (DLA-111-1)
2023-03-08 00:00:00
RedHat Update for cpio RHSA-2015:2108-03
2015-11-20 00:00:00
prion
prion
Heap overflow
2014-12-02 16:59:00
Code injection
2015-02-19 15:59:00
Path traversal
2024-02-29 01:42:00
debian
debian
[SECURITY] [DLA 111-1] cpio security update
2014-12-15 14:18:40
[SECURITY] [DSA 3111-1] cpio security update
2014-12-23 00:55:26
[SECURITY] [DSA 3111-1] cpio security update
2014-12-23 00:55:26
mageia
mageia
Updated cpio package fixes security vulnerability
2014-12-14 17:10:39
Updated cpio packages fix security vulnerabilities
2019-11-14 19:58:51
Updated cpio package fixes security vulnerability
2015-02-19 17:43:07
oraclelinux
oraclelinux
cpio security and bug fix update
2015-11-23 00:00:00
redhat
redhat
(RHSA-2015:2108) Moderate: cpio security and bug fix update
2015-11-19 14:43:07
fedora
fedora
[SECURITY] Fedora 21 Update: cpio-2.11-33.fc21
2014-12-18 06:06:28
[SECURITY] Fedora 20 Update: cpio-2.11-28.fc20
2015-01-06 06:09:24
securityvulns
securityvulns
[ MDVSA-2014:250 ] cpio
2014-12-22 00:00:00
GNU cpio buffer overflow
2014-12-22 00:00:00
[ MDVSA-2015:066 ] cpio
2015-04-20 00:00:00
debiancve
debiancve
CVE-2014-9112
2014-12-02 16:59:05
CVE-2015-1197
2015-02-19 15:59:12
CVE-2023-7207
2024-02-29 01:42:59
cve
cve
CVE-2014-9112
2014-12-02 16:59:05
CVE-2015-1197
2015-02-19 15:59:12
CVE-2023-7207
2024-02-29 01:42:59
ubuntucve
ubuntucve
CVE-2014-9112
2014-12-02 00:00:00
CVE-2015-1197
2015-02-19 00:00:00
CVE-2023-7207
2024-02-29 00:00:00
cvelist
cvelist
CVE-2014-9112
2014-12-02 16:00:00
CVE-2015-1197
2015-02-19 00:00:00
CVE-2023-7207
2024-01-05 00:39:49
nvd
nvd
CVE-2014-9112
2014-12-02 16:59:05
CVE-2015-1197
2015-02-19 15:59:12
CVE-2017-7516
2018-01-29 19:29:00
centos
centos
cpio security update
2015-11-30 19:26:10
archlinux
archlinux
cpio: heap buffer overflow
2015-01-14 00:00:00
cpio: directory traversal
2015-03-23 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in cpio affects PowerKVM (CVE-2014-9112)
2018-06-18 01:30:30
alpinelinux
alpinelinux
CVE-2015-1197
2015-02-19 15:59:12
amazon
amazon
Important: cpio
2024-02-28 23:54:00
Important: cpio
2024-02-29 10:03:00
ubuntu
ubuntu
GNU cpio vulnerabilities
2015-01-08 00:00:00
GNU cpio vulnerabilities
2016-02-22 00:00:00
redhatcve
redhatcve
CVE-2017-7516
2018-01-29 12:50:11
CVE-2023-7207
2024-02-29 08:04:56
vulnrichment
vulnrichment
CVE-2023-7207
2024-01-05 00:39:49
securelist
securelist
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
2022-10-13 08:00:21
packetstorm
packetstorm
Zimbra Collaboration Suite TAR Path Traversal
2022-10-20 00:00:00
zdt
zdt
Zimbra Collaboration Suite TAR Path Traversal Exploit
2022-10-21 00:00:00
metasploit
metasploit
TAR Path Traversal in Zimbra (CVE-2022-41352)
2022-10-06 17:23:53
thn
thn
Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
2022-10-17 09:50:00
osv
osv
cpio-2.12-3.90 on GA media
2024-06-15 00:00:00
cpio-2.13-3.3 on GA media
2024-06-15 00:00:00
freebsd
freebsd
GNU cpio -- multiple vulnerabilities
2019-11-06 00:00:00
attackerkb
attackerkb
CVE-2022-41352
2022-09-26 00:00:00
rapid7blog
rapid7blog
Exploitation of Unpatched Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352)
2022-10-06 17:13:34

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.016

Percentile

87.6%

JSON
Related for 72EE9707-D7B2-11E4-8D8E-F8B156B6DCC8
nessus41gentoo1openvas24prion3debian3mageia3oraclelinux1redhat1fedora2securityvulns4debiancve3cve4ubuntucve3cvelist3nvd4centos1archlinux2ibm1alpinelinux1amazon2ubuntu2redhatcve2vulnrichment1securelist1packetstorm1zdt1metasploit1thn1osv2freebsd1attackerkb1rapid7blog1