Executive Summary
Summary | |
---|---|
Title | tar security update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0142 | First vendor Publication | 2010-03-15 |
Vendor | RedHat | Last vendor Modification | 2010-03-15 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated tar package that fixes one security issue is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of tar are advised to upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 564368 - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0142.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10277 | |||
Oval ID: | oval:org.mitre.oval:def:10277 | ||
Title: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Description: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0624 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21485 | |||
Oval ID: | oval:org.mitre.oval:def:21485 | ||
Title: | RHSA-2010:0144: cpio security update (Moderate) | ||
Description: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0144-01 CESA-2010:0144 CVE-2007-4476 CVE-2010-0624 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cpio |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22152 | |||
Oval ID: | oval:org.mitre.oval:def:22152 | ||
Title: | RHSA-2010:0141: tar security update (Moderate) | ||
Description: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0141-01 CESA-2010:0141 CVE-2007-4476 CVE-2010-0624 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | tar |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22400 | |||
Oval ID: | oval:org.mitre.oval:def:22400 | ||
Title: | ELSA-2010:0141: tar security update (Moderate) | ||
Description: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0141-01 CVE-2007-4476 CVE-2010-0624 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | tar |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22814 | |||
Oval ID: | oval:org.mitre.oval:def:22814 | ||
Title: | ELSA-2010:0144: cpio security update (Moderate) | ||
Description: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0144-01 CVE-2007-4476 CVE-2010-0624 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | cpio |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27994 | |||
Oval ID: | oval:org.mitre.oval:def:27994 | ||
Title: | DEPRECATED: ELSA-2010-0144 -- cpio security update (moderate) | ||
Description: | [2.6-23.1] - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive - CVE-2007-4476 fix stack crashing in safer_name_suffix | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0144 CVE-2007-4476 CVE-2010-0624 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | cpio |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6907 | |||
Oval ID: | oval:org.mitre.oval:def:6907 | ||
Title: | VMware ESX,Service Console update for cpio and tar. | ||
Description: | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0624 | Version: | 5 |
Platform(s): | VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-02-12 | Name : Gentoo Security Advisory GLSA 201111-11 (tar) File : nvt/glsa_201111_11.nasl |
2011-08-09 | Name : CentOS Update for tar CESA-2010:0141 centos5 i386 File : nvt/gb_CESA-2010_0141_tar_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for cpio CESA-2010:0144 centos5 i386 File : nvt/gb_CESA-2010_0144_cpio_centos5_i386.nasl |
2010-03-31 | Name : Mandriva Update for cpio MDVSA-2010:065 (cpio) File : nvt/gb_mandriva_MDVSA_2010_065.nasl |
2010-03-31 | Name : Fedora Update for tar FEDORA-2010-4306 File : nvt/gb_fedora_2010_4306_tar_fc11.nasl |
2010-03-31 | Name : Fedora Update for cpio FEDORA-2010-4302 File : nvt/gb_fedora_2010_4302_cpio_fc11.nasl |
2010-03-30 | Name : FreeBSD Ports: gtar File : nvt/freebsd_gtar3.nasl |
2010-03-22 | Name : RedHat Update for cpio RHSA-2010:0143-01 File : nvt/gb_RHSA-2010_0143-01_cpio.nasl |
2010-03-22 | Name : Fedora Update for cpio FEDORA-2010-4321 File : nvt/gb_fedora_2010_4321_cpio_fc12.nasl |
2010-03-22 | Name : Fedora Update for tar FEDORA-2010-4309 File : nvt/gb_fedora_2010_4309_tar_fc12.nasl |
2010-03-22 | Name : RedHat Update for cpio RHSA-2010:0145-01 File : nvt/gb_RHSA-2010_0145-01_cpio.nasl |
2010-03-22 | Name : RedHat Update for cpio RHSA-2010:0144-01 File : nvt/gb_RHSA-2010_0144-01_cpio.nasl |
2010-03-22 | Name : RedHat Update for tar RHSA-2010:0142-01 File : nvt/gb_RHSA-2010_0142-01_tar.nasl |
2010-03-22 | Name : RedHat Update for tar RHSA-2010:0141-01 File : nvt/gb_RHSA-2010_0141-01_tar.nasl |
2010-03-22 | Name : CentOS Update for cpio CESA-2010:0145 centos3 i386 File : nvt/gb_CESA-2010_0145_cpio_centos3_i386.nasl |
2010-03-22 | Name : CentOS Update for cpio CESA-2010:0143 centos4 i386 File : nvt/gb_CESA-2010_0143_cpio_centos4_i386.nasl |
2010-03-22 | Name : CentOS Update for tar CESA-2010:0142 centos3 i386 File : nvt/gb_CESA-2010_0142_tar_centos3_i386.nasl |
2010-03-22 | Name : CentOS Update for tar CESA-2010:0141 centos4 i386 File : nvt/gb_CESA-2010_0141_tar_centos4_i386.nasl |
2010-02-19 | Name : Mandriva Update for mandriva-release MDVA-2010:065 (mandriva-release) File : nvt/gb_mandriva_MDVA_2010_065.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62950 | GNU tar rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow GNU tar is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted response or file, a remote attacker can potentially cause arbitrary code execution. |
62857 | GNU cpio rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow GNU cpio is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted response or file, a remote attacker can potentially cause arbitrary code execution. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-07-16 | IAVM : 2015-A-0150 - Multiple Security Vulnerabilities in Juniper Networks CTPView Severity : Category I - VMSKEY : V0061073 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0013_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2456-1.nasl - Type : ACT_GATHER_INFO |
2013-11-29 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201311-21.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0145.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0144.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0143.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0142.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0141.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100315_tar_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100315_cpio_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-11-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201111-11.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_tar-100312.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cpio-100328.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_tar-6922.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cpio-6948.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0013.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-4309.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-4321.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-4302.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-4274.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-4267.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-4306.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0144.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0145.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0143.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0142.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0141.nasl - Type : ACT_GATHER_INFO |
2010-05-04 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12603.nasl - Type : ACT_GATHER_INFO |
2010-05-01 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12596.nasl - Type : ACT_GATHER_INFO |
2010-05-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_tar-100312.nasl - Type : ACT_GATHER_INFO |
2010-05-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_tar-100312.nasl - Type : ACT_GATHER_INFO |
2010-05-01 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_tar-100312.nasl - Type : ACT_GATHER_INFO |
2010-03-25 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c175d72f377311df8bb80211d880e350.nasl - Type : ACT_GATHER_INFO |
2010-03-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-065.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0145.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0143.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0142.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0141.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0144.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:53:18 |
|