fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - file-roller: Path traversal vulnerability when opening crafted archive (CVE-2016-7162)

  - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a     filename contained in a TAR archive, possibly overwriting a file during extraction. (CVE-2019-16680)

  - fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction     because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended     extraction location. (CVE-2020-11736)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

This plugin has been deprecated as it does not adhere to established standards for this style of check.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4820 advisory.

  - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a     filename contained in a TAR archive, possibly overwriting a file during extraction. (CVE-2019-16680)

  - fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction     because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended     extraction location. (CVE-2020-11736)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the file-roller packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - An issue was discovered in GNOME file-roller before     3.29.91. It allows a single ./../ path traversal via a     filename contained in a TAR archive, possibly     overwriting a file during extraction.(CVE-2019-16680)

  - fr-archive-libarchive.c in GNOME file-roller through     3.36.1 allows Directory Traversal during extraction     because it lacks a check of whether a file's parent is     a symlink to a directory outside of the intended     extraction location.(CVE-2020-11736)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote NewStart CGSL host, running version MAIN 6.02, has file-roller packages installed that are affected by multiple vulnerabilities:

  - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a     filename contained in a TAR archive, possibly overwriting a file during extraction. (CVE-2019-16680)

  - fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction     because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended     extraction location. (CVE-2020-11736)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:4820 advisory.

  - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive     (CVE-2019-16680)

  - file-roller: directory traversal via directory symlink pointing outside of the target directory     (CVE-2020-11736)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-4820 advisory.

    - Fix CVE-2020-11736 (#1827395)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4820 advisory.

    File Roller is an application for creating and viewing archives files, such as tar or zip files.

    Security Fix(es):

    * file-roller: path traversal vulnerability via a specially crafted filename contained in malicious     archive (CVE-2019-16680)

    * file-roller: directory traversal via directory symlink pointing outside of the target directory     (CVE-2020-11736)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the version of the file-roller packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :

  - fr-archive-libarchive.c in GNOME file-roller through     3.36.1 allows Directory Traversal during extraction     because it lacks a check of whether a file's parent is     a symlink to a directory outside of the intended     extraction location.(CVE-2020-11736)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-202009-06 (GNOME File Roller: Directory traversal)

    It was discovered that GNOME File Roller incorrectly handled symlinks.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

This update for file-roller fixes the following issues :

  - CVE-2020-11736: Fixed a directory traversal     vulnerability due to improper checking whether a file's     parent is an external symlink (bsc#1169428).

  - CVE-2019-16680: Fixed a path traversal vulnerability     which could have allowed an overwriting of a file during     extraction (bsc#1151585). 

This update was imported from the SUSE:SLE-15:Update update project.

This update for file-roller fixes the following issues :

CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink (bsc#1169428).

CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a file during extraction (bsc#1151585).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for file-roller fixes the following issues :

Security issue fixed :

CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink (bsc#1169428).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4332-2 advisory.

    USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu     20.04 LTS.



Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4332-1 advisory.

    It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue     to expose sensitive information.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.

For Debian 8 'Jessie', this problem has been fixed in version 3.14.1-1+deb8u2.

We recommend that you upgrade your file-roller packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
199811	RHEL 7 : file-roller (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
195785	RHEL 5 : file-roller (Unpatched Vulnerability) (deprecated)	Nessus	Red Hat Local Security Checks	medium
195749	RHEL 6 : file-roller (Unpatched Vulnerability) (deprecated)	Nessus	Red Hat Local Security Checks	medium
184912	Rocky Linux 8 : file-roller (RLSA-2020:4820)	Nessus	Rocky Linux Local Security Checks	medium
149137	EulerOS 2.0 SP3 : file-roller (EulerOS-SA-2021-1783)	Nessus	Huawei Local Security Checks	medium
147323	NewStart CGSL MAIN 6.02 : file-roller Multiple Vulnerabilities (NS-SA-2021-0068)	Nessus	NewStart CGSL Local Security Checks	medium
146644	EulerOS 2.0 SP2 : file-roller (EulerOS-SA-2021-1294)	Nessus	Huawei Local Security Checks	medium
145860	CentOS 8 : file-roller (CESA-2020:4820)	Nessus	CentOS Local Security Checks	medium
142761	Oracle Linux 8 : file-roller (ELSA-2020-4820)	Nessus	Oracle Linux Local Security Checks	medium
142386	RHEL 8 : file-roller (RHSA-2020:4820)	Nessus	Red Hat Local Security Checks	medium
142092	EulerOS 2.0 SP5 : file-roller (EulerOS-SA-2020-2244)	Nessus	Huawei Local Security Checks	low
140561	GLSA-202009-06 : GNOME File Roller: Directory traversal	Nessus	Gentoo Local Security Checks	low
138689	openSUSE Security Update : file-roller (openSUSE-2020-825)	Nessus	SuSE Local Security Checks	medium
137595	SUSE SLED15 / SLES15 Security Update : file-roller (SUSE-SU-2020:1557-1)	Nessus	SuSE Local Security Checks	medium
137551	SUSE SLES12 Security Update : file-roller (SUSE-SU-2020:1505-1)	Nessus	SuSE Local Security Checks	low
136027	Ubuntu 20.04 LTS : File Roller vulnerability (USN-4332-2)	Nessus	Ubuntu Local Security Checks	low
135847	Ubuntu 16.04 LTS / 18.04 LTS : File Roller vulnerability (USN-4332-1)	Nessus	Ubuntu Local Security Checks	low
135723	Debian DLA-2180-1 : file-roller security update	Nessus	Debian Local Security Checks	low

Detections

Analytics

CVE-2020-11736

low

Tenable Plugins

high

medium

medium

medium

medium

medium

medium

medium

medium

medium

low

low

medium

medium

low

low

low

low