Executive Summary
Summary | |
---|---|
Title | New tar packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1438 | First vendor Publication | 2007-12-28 |
Vendor | Debian | Last vendor Modification | 2007-12-28 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in GNU Tar. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-4131 A directory traversal vulnerability enables attackers using specially crafted archives to extract contents outside the directory tree created by tar. CVE-2007-4476 A stack-based buffer overflow in the file name checking code may lead to arbitrary code execution when processing maliciously crafted archives. For the stable distribution (etch), these problems have been fixed in version 1.16-2etch1. For the old stable distribution (sarge), these problems have been fixed in 1.14-2.4. For the unstable distribution (sid), these problems have been fixed in version 1.18-2. We recommend that you upgrade your tar package. |
Original Source
Url : http://www.debian.org/security/2007/dsa-1438 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10420 | |||
Oval ID: | oval:org.mitre.oval:def:10420 | ||
Title: | Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | ||
Description: | Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4131 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13929 | |||
Oval ID: | oval:org.mitre.oval:def:13929 | ||
Title: | USN-709-1 -- tar vulnerability | ||
Description: | Dmitry V. Levin discovered a buffer overflow in tar. If a user or automated system were tricked into opening a specially crafted tar file, an attacker could crash tar or possibly execute arbitrary code with the privileges of the user invoking the program. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-709-1 CVE-2007-4476 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 6.06 | Product(s): | tar |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17510 | |||
Oval ID: | oval:org.mitre.oval:def:17510 | ||
Title: | USN-506-1 -- tar vulnerability | ||
Description: | Dmitry V. Levin discovered that tar did not correctly detect the ".." file path element when unpacking archives. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-506-1 CVE-2007-4131 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 | Product(s): | tar |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17789 | |||
Oval ID: | oval:org.mitre.oval:def:17789 | ||
Title: | USN-650-1 -- cpio vulnerability | ||
Description: | A buffer overflow was discovered in cpio. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-650-1 CVE-2007-4476 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | cpio |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18211 | |||
Oval ID: | oval:org.mitre.oval:def:18211 | ||
Title: | DSA-1566-1 cpio - programming error | ||
Description: | Dmitry Levin discovered a vulnerability in path handling code used by the cpio archive utility. The weakness could enable a denial of service (crash) or potentially the execution of arbitrary code if a vulnerable version of cpio is used to extract or to list the contents of a maliciously crafted archive. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1566-1 CVE-2007-4476 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | cpio |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20059 | |||
Oval ID: | oval:org.mitre.oval:def:20059 | ||
Title: | DSA-1438-1 tar | ||
Description: | Several vulnerabilities have been discovered in GNU Tar. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1438-1 CVE-2007-4131 CVE-2007-4476 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | tar |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22513 | |||
Oval ID: | oval:org.mitre.oval:def:22513 | ||
Title: | ELSA-2007:0860: tar security update (Moderate) | ||
Description: | Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0860-02 CVE-2007-4131 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | tar |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7114 | |||
Oval ID: | oval:org.mitre.oval:def:7114 | ||
Title: | VMware ESX,Service Console update for cpio and tar. | ||
Description: | Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4476 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7779 | |||
Oval ID: | oval:org.mitre.oval:def:7779 | ||
Title: | Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS) | ||
Description: | Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4131 | Version: | 2 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8098 | |||
Oval ID: | oval:org.mitre.oval:def:8098 | ||
Title: | DSA-1566 cpio -- programming error | ||
Description: | Dmitry Levin discovered a vulnerability in path handling code used by the cpio archive utility. The weakness could enable a denial of service (crash) or potentially the execution of arbitrary code if a vulnerable version of cpio is used to extract or to list the contents of a maliciously crafted archive. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1566 CVE-2007-4476 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | cpio |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8599 | |||
Oval ID: | oval:org.mitre.oval:def:8599 | ||
Title: | Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS) | ||
Description: | Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4476 | Version: | 2 |
Platform(s): | Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9336 | |||
Oval ID: | oval:org.mitre.oval:def:9336 | ||
Title: | Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack." | ||
Description: | Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4476 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for cpio CESA-2010:0144 centos5 i386 File : nvt/gb_CESA-2010_0144_cpio_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for tar CESA-2010:0141 centos5 i386 File : nvt/gb_CESA-2010_0141_tar_centos5_i386.nasl |
2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
2010-03-22 | Name : RedHat Update for tar RHSA-2010:0141-01 File : nvt/gb_RHSA-2010_0141-01_tar.nasl |
2010-03-22 | Name : RedHat Update for cpio RHSA-2010:0144-01 File : nvt/gb_RHSA-2010_0144-01_cpio.nasl |
2010-03-22 | Name : CentOS Update for tar CESA-2010:0141 centos4 i386 File : nvt/gb_CESA-2010_0141_tar_centos4_i386.nasl |
2009-10-13 | Name : SLES10: Security update for star File : nvt/sles10_star.nasl |
2009-10-10 | Name : SLES9: Security update for tar File : nvt/sles9p5012056.nasl |
2009-10-10 | Name : SLES9: Security update for cpio File : nvt/sles9p5013486.nasl |
2009-06-05 | Name : Ubuntu USN-707-1 (cupsys) File : nvt/ubuntu_707_1.nasl |
2009-04-09 | Name : Mandriva Update for cpio MDKSA-2007:233 (cpio) File : nvt/gb_mandriva_MDKSA_2007_233.nasl |
2009-04-09 | Name : Mandriva Update for tar MDKSA-2007:197 (tar) File : nvt/gb_mandriva_MDKSA_2007_197.nasl |
2009-04-09 | Name : Mandriva Update for tar MDKSA-2007:173 (tar) File : nvt/gb_mandriva_MDKSA_2007_173.nasl |
2009-03-23 | Name : Ubuntu Update for cpio vulnerability USN-650-1 File : nvt/gb_ubuntu_USN_650_1.nasl |
2009-03-23 | Name : Ubuntu Update for tar vulnerability USN-506-1 File : nvt/gb_ubuntu_USN_506_1.nasl |
2009-02-27 | Name : Fedora Update for cpio FEDORA-2007-2744 File : nvt/gb_fedora_2007_2744_cpio_fc7.nasl |
2009-02-27 | Name : Fedora Update for cpio FEDORA-2007-742 File : nvt/gb_fedora_2007_742_cpio_fc6.nasl |
2009-02-27 | Name : Fedora Update for tar FEDORA-2007-735 File : nvt/gb_fedora_2007_735_tar_fc6.nasl |
2009-02-27 | Name : Fedora Update for tar FEDORA-2007-683 File : nvt/gb_fedora_2007_683_tar_fc6.nasl |
2009-02-27 | Name : Fedora Update for cpio FEDORA-2007-2827 File : nvt/gb_fedora_2007_2827_cpio_fc8.nasl |
2009-02-27 | Name : Fedora Update for tar FEDORA-2007-2800 File : nvt/gb_fedora_2007_2800_tar_fc8.nasl |
2009-02-27 | Name : Fedora Update for tar FEDORA-2007-2673 File : nvt/gb_fedora_2007_2673_tar_fc7.nasl |
2009-02-27 | Name : Fedora Update for tar FEDORA-2007-1890 File : nvt/gb_fedora_2007_1890_tar_fc7.nasl |
2009-01-20 | Name : Ubuntu USN-709-1 (tar) File : nvt/ubuntu_709_1.nasl |
2009-01-20 | Name : Ubuntu USN-708-1 (hplip) File : nvt/ubuntu_708_1.nasl |
2009-01-20 | Name : FreeBSD Ports: gtar File : nvt/freebsd_gtar2.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-18 (cpio) File : nvt/glsa_200711_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200709-09 (tar) File : nvt/glsa_200709_09.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-07:10.gtar.asc) File : nvt/freebsdsa_gtar1.nasl |
2008-09-04 | Name : FreeBSD Ports: gtar File : nvt/freebsd_gtar1.nasl |
2008-05-12 | Name : Debian Security Advisory DSA 1566-1 (cpio) File : nvt/deb_1566_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1438-1 (tar) File : nvt/deb_1438_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42149 | GNU tar safer_name_suffix Function Unspecified Overflow |
38183 | GNU tar src/names.c contains_dot_dot Function Traversal Arbitrary File Overwrite |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-07-16 | IAVM : 2015-A-0150 - Multiple Security Vulnerabilities in Juniper Networks CTPView Severity : Category I - VMSKEY : V0061073 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0013_remote.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-0860.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0144.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0141.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100315_tar_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100315_cpio_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20070823_tar_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-09-02 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0013.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0144.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0141.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0144.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0141.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11723.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-709-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-650-1.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_0809ce7df67249249b3b7c74bc279b83.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1566.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1438.nasl - Type : ACT_GATHER_INFO |
2007-12-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_tar-4125.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_star-4174.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cpio-4184.nasl - Type : ACT_GATHER_INFO |
2007-11-29 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-233.nasl - Type : ACT_GATHER_INFO |
2007-11-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-18.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-506-1.nasl - Type : ACT_GATHER_INFO |
2007-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2827.nasl - Type : ACT_GATHER_INFO |
2007-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2800.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-742.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2744.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-735.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2673.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1890.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_cpio-4180.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_star-4173.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_tar-4124.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-197.nasl - Type : ACT_GATHER_INFO |
2007-09-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200709-09.nasl - Type : ACT_GATHER_INFO |
2007-09-05 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-683.nasl - Type : ACT_GATHER_INFO |
2007-09-05 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-173.nasl - Type : ACT_GATHER_INFO |
2007-09-03 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d944719e42f4486489edf045b541919f.nasl - Type : ACT_GATHER_INFO |
2007-08-28 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0860.nasl - Type : ACT_GATHER_INFO |
2007-08-28 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-0860.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:07 |
|