gtar -- buffer overflow in rmt client

2010-03-24T00:00:00
ID C175D72F-3773-11DF-8BB8-0211D880E350
Type freebsd
Reporter FreeBSD
Modified 2010-03-24T00:00:00

Description

Jakob Lell reports:

The rmt client implementation of GNU Tar/Cpio contains a heap-based buffer overflow which possibly allows arbitrary code execution. The problem can be exploited when using an untrusted/compromised rmt server.