Bug 606442 (CVE-2005-1080)

Summary: CVE-2005-1080 jar: directory traversal vulnerability
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: ahughes, aph, bressers, dbhole, jerboaa, jpechane, jvanek, langel, lkundrak, mjw, omajid, rruss, vkaigoro
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: IcedTea6 1.13.7, IcedTea7 2.5.5 Doc Type: Bug Fix
Doc Text:
A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted.
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-05-20 20:39:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 601816, 601824    
Bug Blocks: 1180590, 1209063    

Description Vincent Danen 2010-06-21 15:52:15 UTC
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2, 1.5 allows remote attackers to write arbitrary files via a .. (dot dot) in filenames in a .jar file.

Initially the directory traversal flaw was reported for fastjar (see bug #594497) but was later found to also affect jar.  The vulnerability in jar was reported in January 2005 but was never corrected upstream (CVE-2005-1080).  Bug #594497 has a test script to determine if the vulnerability is present in jar as well as fastjar.

Comment 2 Vincent Danen 2010-06-21 16:00:23 UTC
Created java-1.6.0-openjdk tracking bugs for this issue

Affects: fedora-all [bug 601824]

Comment 3 Vincent Danen 2010-06-21 16:00:34 UTC
Statement:

(none)

Comment 4 Tomas Hoger 2015-04-14 19:59:39 UTC
*** Bug 1180589 has been marked as a duplicate of this bug. ***

Comment 5 errata-xmlrpc 2015-04-14 20:18:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2015:0807 https://rhn.redhat.com/errata/RHSA-2015-0807.html

Comment 6 errata-xmlrpc 2015-04-15 15:16:04 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 6

Via RHSA-2015:0809 https://rhn.redhat.com/errata/RHSA-2015-0809.html

Comment 7 errata-xmlrpc 2015-04-15 16:58:00 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 6

Via RHSA-2015:0808 https://rhn.redhat.com/errata/RHSA-2015-0808.html

Comment 8 errata-xmlrpc 2015-04-15 16:58:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 6

Via RHSA-2015:0806 https://rhn.redhat.com/errata/RHSA-2015-0806.html

Comment 9 Tomas Hoger 2015-04-16 12:40:20 UTC
This issue was fixed in Oracle Java SE 6u95, 7u79, and 8u45, released with the Oracle Critical Patch Update - April 2015.  Oracle assigned different / duplicate CVE id for this issue - CVE-2015-0480 (bug 1211504).

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA

Comment 11 errata-xmlrpc 2015-04-17 10:29:07 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7
  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2015:0854 https://rhn.redhat.com/errata/RHSA-2015-0854.html

Comment 12 errata-xmlrpc 2015-04-20 14:08:31 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 5
  Oracle Java for Red Hat Enterprise Linux 7
  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2015:0857 https://rhn.redhat.com/errata/RHSA-2015-0857.html

Comment 13 errata-xmlrpc 2015-04-20 14:28:15 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 5
  Oracle Java for Red Hat Enterprise Linux 7
  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2015:0858 https://rhn.redhat.com/errata/RHSA-2015-0858.html

Comment 14 errata-xmlrpc 2015-05-13 13:33:23 UTC
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2015:1007 https://rhn.redhat.com/errata/RHSA-2015-1007.html

Comment 15 errata-xmlrpc 2015-05-13 13:35:24 UTC
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 6
  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2015:1006 https://rhn.redhat.com/errata/RHSA-2015-1006.html

Comment 16 errata-xmlrpc 2015-05-20 18:36:35 UTC
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2015:1021 https://rhn.redhat.com/errata/RHSA-2015-1021.html

Comment 17 errata-xmlrpc 2015-05-20 19:06:09 UTC
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 6
  Supplementary for Red Hat Enterprise Linux 7

Via RHSA-2015:1020 https://rhn.redhat.com/errata/RHSA-2015-1020.html

Comment 18 errata-xmlrpc 2015-06-11 13:21:45 UTC
This issue has been addressed in the following products:

  Red Hat Satellite Server v 5.6
  Red Hat Satellite Server v 5.7

Via RHSA-2015:1091 https://rhn.redhat.com/errata/RHSA-2015-1091.html