Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-4476HistorySep 05, 2007 - 1:17 a.m.
CVE-2007-4476
2007-09-0501:17:00
Debian Security Bug Tracker
security-tracker.debian.org
16
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.8%
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a “crashing stack.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cpio | < 2.9-5 | cpio_2.9-5_all.deb |
| Debian | 11 | all | cpio | < 2.9-5 | cpio_2.9-5_all.deb |
| Debian | 10 | all | cpio | < 2.9-5 | cpio_2.9-5_all.deb |
| Debian | 999 | all | cpio | < 2.9-5 | cpio_2.9-5_all.deb |
| Debian | 13 | all | cpio | < 2.9-5 | cpio_2.9-5_all.deb |
| Debian | 12 | all | tar | < 1.18-1 | tar_1.18-1_all.deb |
| Debian | 11 | all | tar | < 1.18-1 | tar_1.18-1_all.deb |
| Debian | 10 | all | tar | < 1.18-1 | tar_1.18-1_all.deb |
| Debian | 999 | all | tar | < 1.18-1 | tar_1.18-1_all.deb |
| Debian | 13 | all | tar | < 1.18-1 | tar_1.18-1_all.deb |
Related
debian
debian
[SECURITY] [DSA 1566-1] New cpio packages fix denial of service
2008-05-02 15:00:29
[SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
2007-12-28 15:29:40
fedora
fedora
[SECURITY] Fedora Core 6 Update: tar-1.15.1-27.fc6
2007-11-05 14:40:01
[SECURITY] Fedora 7 Update: cpio-2.6-28.fc7
2007-11-05 15:06:17
[SECURITY] Fedora Core 6 Update: cpio-2.6-22.fc6
2007-11-05 14:56:14
openvas
openvas
Fedora Update for cpio FEDORA-2007-2827
2009-02-27 00:00:00
Debian Security Advisory DSA 1566-1 (cpio)
2008-05-12 00:00:00
Mandriva Update for tar MDKSA-2007:197 (tar)
2009-04-09 00:00:00
nessus
nessus
openSUSE 10 Security Update : cpio (cpio-4180)
2007-10-17 00:00:00
Fedora 7 : cpio-2.6-28.fc7 (2007-2744)
2007-11-06 00:00:00
cve
cve
CVE-2007-4476
2007-09-05 01:17:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:44:05
osv
osv
cpio - programming error
2008-05-02 00:00:00
tar
2007-12-28 00:00:00
securityvulns
securityvulns
GNU tar buffer overflow
2008-10-18 00:00:00
gentoo
gentoo
Cpio: Buffer overflow
2007-11-14 00:00:00
ubuntu
ubuntu
cpio vulnerability
2008-10-02 00:00:00
tar vulnerability
2009-01-15 00:00:00
prion
prion
Buffer overflow
2007-09-05 01:17:00
ubuntucve
ubuntucve
CVE-2007-4476
2007-09-05 00:00:00
freebsd
freebsd
gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability
2007-11-14 00:00:00
seebug
seebug
GNU TAR和CPIO safer_name_suffix远程拒绝服务漏洞
2007-11-17 00:00:00
VMware ESX Service Console多个安全漏洞
2012-01-13 00:00:00
redhat
redhat
(RHSA-2010:0144) Moderate: cpio security update
2010-03-15 00:00:00
(RHSA-2010:0141) Moderate: tar security update
2010-03-15 00:00:00
(RHSA-2010:0440) Important: rhev-hypervisor security and bug fix update
2010-05-25 00:00:00
oraclelinux
oraclelinux
tar security update
2010-03-15 00:00:00
cpio security update
2010-03-15 00:00:00
centos
centos
cpio security update
2010-03-16 12:58:04
tar security update
2010-03-16 12:59:13
vmware
vmware
VMware ESX third party updates for Service Console
2010-08-31 00:00:00
VMware ESX third party updates for Service Console
2010-08-31 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.8%
Related for DEBIANCVE:CVE-2007-4476