Lucene search
This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2006-0749.NASLHistoryDec 30, 2006 - 12:00 a.m.
RHEL 2.1 / 3 / 4 : tar (RHSA-2006:0749)
2006-12-3000:00:00
This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
Updated tar packages that fix a path traversal flaw are now available.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive.
Teemu Salmela discovered a path traversal flaw in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar has write access. (CVE-2006-6097)
Users of tar should upgrade to this updated package, which contains a replacement backported patch to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2006:0749. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(23959);
script_version("1.23");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2006-6097");
script_xref(name:"RHSA", value:"2006:0749");
script_name(english:"RHEL 2.1 / 3 / 4 : tar (RHSA-2006:0749)");
script_summary(english:"Checks the rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Updated tar packages that fix a path traversal flaw are now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The GNU tar program saves many files together in one archive and can
restore individual files (or all of the files) from that archive.
Teemu Salmela discovered a path traversal flaw in the way GNU tar
extracted archives. A malicious user could create a tar archive that
could write to arbitrary files to which the user running GNU tar has
write access. (CVE-2006-6097)
Users of tar should upgrade to this updated package, which contains a
replacement backported patch to correct this issue."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2006-6097"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2006:0749"
);
script_set_attribute(attribute:"solution", value:"Update the affected tar package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tar");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
script_set_attribute(attribute:"vuln_publication_date", value:"2006/11/24");
script_set_attribute(attribute:"patch_publication_date", value:"2006/12/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/12/30");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(2\.1|3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x / 4.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2006:0749";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"tar-1.13.25-6.AS21.1")) flag++;
if (rpm_check(release:"RHEL3", reference:"tar-1.13.25-15.RHEL3")) flag++;
if (rpm_check(release:"RHEL4", reference:"tar-1.14-12.RHEL4")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tar");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | tar | p-cpe:/a:redhat:enterprise_linux:tar |
| redhat | enterprise_linux | 2.1 | cpe:/o:redhat:enterprise_linux:2.1 |
| redhat | enterprise_linux | 3 | cpe:/o:redhat:enterprise_linux:3 |
| redhat | enterprise_linux | 4 | cpe:/o:redhat:enterprise_linux:4 |
Related
nessus
nessus
openSUSE 10 Security Update : tar (tar-2351)
2007-10-17 00:00:00
openSUSE 10 Security Update : tar (tar-2343)
2007-10-17 00:00:00
Ubuntu 5.10 / 6.06 LTS / 6.10 : tar vulnerability (USN-385-1)
2007-11-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200612-10 (tar)
2008-09-24 00:00:00
FreeBSD Ports: gtar
2008-09-04 00:00:00
SLES9: Security update for tar
2009-10-10 00:00:00
debian
debian
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
2006-12-01 16:26:11
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
2006-12-01 00:00:00
oraclelinux
oraclelinux
Moderate tar security update
2006-12-20 00:00:00
centos
centos
tar security update
2006-12-20 15:42:51
tar security update
2006-12-20 03:41:54
slackware
slackware
[slackware-security] tar
2006-12-01 22:55:57
ubuntu
ubuntu
tar vulnerability
2006-11-27 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:26.gtar
2006-12-06 00:00:00
freebsd
freebsd
gtar -- name mangling symlink vulnerability
2006-12-06 00:00:00
gtar -- GNUTYPE_NAMES directory traversal vulnerability
2006-11-21 00:00:00
gentoo
gentoo
Tar: Directory traversal vulnerability
2006-12-11 00:00:00
redhat
redhat
(RHSA-2006:0749) Moderate: tar security update
2006-12-19 00:00:00
debiancve
debiancve
CVE-2006-6097
2006-11-24 18:07:00
cvelist
cvelist
CVE-2006-6097
2006-11-24 18:00:00
cve
cve
CVE-2006-6097
2006-11-24 18:07:00
ubuntucve
ubuntucve
CVE-2006-6097
2006-11-24 00:00:00
Related for REDHAT-RHSA-2006-0749.NASL