Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-4131HistoryAug 25, 2007 - 12:17 a.m.
CVE-2007-4131
2007-08-2500:17:00
Debian Security Bug Tracker
security-tracker.debian.org
11
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.8%
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //… (slash slash dot dot) sequences in directory symlinks in a TAR archive.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tar | < 1.18-2 | tar_1.18-2_all.deb |
| Debian | 11 | all | tar | < 1.18-2 | tar_1.18-2_all.deb |
| Debian | 10 | all | tar | < 1.18-2 | tar_1.18-2_all.deb |
| Debian | 999 | all | tar | < 1.18-2 | tar_1.18-2_all.deb |
| Debian | 13 | all | tar | < 1.18-2 | tar_1.18-2_all.deb |
Related
openvas
openvas
SLES9: Security update for tar
2009-10-10 00:00:00
Fedora Update for tar FEDORA-2007-1890
2009-02-27 00:00:00
Fedora Update for tar FEDORA-2007-683
2009-02-27 00:00:00
nessus
nessus
SuSE 10 Security Update : tar (ZYPP Patch Number 4125)
2007-12-13 00:00:00
Oracle Linux 4 / 5 : tar (ELSA-2007-0860)
2013-07-12 00:00:00
SuSE 10 Security Update : star (ZYPP Patch Number 4174)
2007-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: tar-1.15.1-26.fc6
2007-08-30 20:51:30
[SECURITY] Fedora 7 Update: tar-1.15.1-27.fc7
2007-08-29 17:28:19
[SECURITY] Fedora 7 Update: tar-1.15.1-28.fc7
2007-10-29 19:02:35
freebsd
freebsd
gtar -- Directory traversal vulnerability
2007-08-23 00:00:00
centos
centos
tar security update
2007-08-23 16:49:59
ubuntucve
ubuntucve
CVE-2007-4131
2007-08-25 00:00:00
cve
cve
CVE-2007-4131
2007-08-25 00:17:00
oraclelinux
oraclelinux
Moderate: tar security update
2007-08-23 00:00:00
veracode
veracode
Arbitrary File Overwrite
2020-04-10 00:18:09
freebsd_advisory
freebsd_advisory
FreeBSD-SA-07:10.gtar
2007-11-29 00:00:00
gentoo
gentoo
GNU Tar: Directory traversal vulnerability
2007-09-15 00:00:00
redhat
redhat
(RHSA-2007:0860) Moderate: tar security update
2007-08-23 00:00:00
prion
prion
Directory traversal
2007-08-25 00:17:00
ubuntu
ubuntu
tar vulnerability
2007-08-28 00:00:00
seebug
seebug
GNU Tar contains_dot_dot函数远程目录遍历漏洞
2007-08-24 00:00:00
debian
debian
[SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
2007-12-28 15:29:50
osv
osv
tar
2007-12-28 00:00:00
securityvulns
securityvulns
rPSA-2007-0172-1 tar
2007-08-27 00:00:00
Directory traversal and absolute path in multiple archivers
2007-08-27 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.8%
Related for DEBIANCVE:CVE-2007-4131