ID UBUNTU_USN-2456-1.NASL Type nessus Reporter Tenable Modified 2016-05-24T00:00:00
Description
Michal Zalewski discovered an out of bounds write issue in the process_copy_in function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. (CVE-2014-9112)
Jakob Lell discovered a heap-based buffer overflow in the rmt_read__ function of GNU cpio's rmt client functionality. An attacker controlling a remote rmt server could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-0624).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2456-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
# Registration branch: when the scanner loads the plugin with `description`
# set, the script only declares its identifiers, advisory text, scoring and
# scheduling requirements, then exits before any of the package checks below.
if (description)
{
# Plugin identity and revision bookkeeping.
script_id(80441);
script_version("$Revision: 1.5 $");
script_cvs_date("$Date: 2016/05/24 17:37:07 $");
# Cross-references attached to every finding from this plugin.
# NOTE(review): both CVEs are reported for all four releases, although the
# description text below states that CVE-2010-0624 only affected Ubuntu
# 10.04 LTS; on 12.04 / 14.04 / 14.10 only CVE-2014-9112 applies per that text.
script_cve_id("CVE-2010-0624", "CVE-2014-9112");
script_bugtraq_id(38628, 71248);
script_osvdb_id(62857, 62950, 115187);
script_xref(name:"USN", value:"2456-1");
script_name(english:"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : cpio vulnerabilities (USN-2456-1)");
# The check is version-based: it inspects dpkg output, it does not exercise
# the vulnerable code paths.
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
# Advisory text shown in the report (taken from USN-2456-1, see file header).
script_set_attribute(
attribute:"description",
value:
"Michal Zalewski discovered an out of bounds write issue in the
process_copy_in function of GNU cpio. An attacker could specially
craft a cpio archive that could create a denial of service or possibly
execute arbitrary code. (CVE-2014-9112)
Jakob Lell discovered a heap-based buffer overflow in the rmt_read__
function of GNU cpio's rmt client functionality. An attacker
controlling a remote rmt server could use this to cause a denial of
service or possibly execute arbitrary code. This issue only affected
Ubuntu 10.04 LTS. (CVE-2010-0624).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(attribute:"solution", value:"Update the affected cpio package.");
# CVSS v2 base vector: network access, medium complexity, no authentication,
# partial impact on confidentiality, integrity and availability.
# NOTE(review): a single vector is declared for both CVEs, so a host exposed
# to only one of them still inherits this rating - confirm when triaging.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
# CVSS v2 temporal vector: exploitability not defined, official fix
# available, report confidence confirmed.
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# "local": the result comes from package data collected on the host, not
# from a network probe (see the required KB keys below).
script_set_attribute(attribute:"plugin_type", value:"local");
# CPE names: the cpio package plus the four Ubuntu releases covered.
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cpio");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.10");
script_set_attribute(attribute:"patch_publication_date", value:"2015/01/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/09");
script_end_attributes();
# Information-gathering category: the plugin only reads collected data.
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2015-2016 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.");
script_family(english:"Ubuntu Local Security Checks");
# Scheduling: run after ssh_get_info.nasl and only when these knowledge-base
# entries exist (CPU architecture, Ubuntu markers, dpkg package listing).
# presumably ssh_get_info.nasl is what populates them - verify against it.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
# Nothing below this point runs in description mode.
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
# Host check: verifies the preconditions for a local package check, compares
# the installed cpio package against the fixed version for each covered
# Ubuntu release, and reports a warning when at least one comparison flags.
# audit() comes from audit.inc (not shown here); the guards below rely on it
# ending the script with the given reason - presumably it does, confirm there.

# Local (credentialed) checks must have been enabled for this host.
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# No Ubuntu release recorded in the knowledge base: not an Ubuntu host.
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
# Anchored match: only exactly 10.04, 12.04, 14.04 or 14.10 are in scope.
# Any other release ends with an audit message and is NOT evaluated, so the
# absence of a finding there says nothing about its cpio package.
if (! ereg(pattern:"^(10\.04|12\.04|14\.04|14\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04 / 12.04 / 14.04 / 14.10", "Ubuntu " + release);
# The dpkg package listing is the data source for the version comparison.
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
# Proceed only when cpu contains "x86_64" or is i386..i686. Hosts on other
# architectures end here with "local checks not implemented"; treat them as
# unassessed rather than patched.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
# Counts the ubuntu_check() calls that returned true.
flag = 0;
# One comparison per release; pkgver is the fixed cpio version for it.
# ubuntu_check() is defined in ubuntu.inc (not shown): presumably true when
# the installed cpio on a host of that release is older than pkgver - verify.
# NOTE(review): this is a package-version comparison only; it does not test
# whether the vulnerable code paths are reachable on the host.
if (ubuntu_check(osver:"10.04", pkgname:"cpio", pkgver:"2.10-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"cpio", pkgver:"2.11-7ubuntu3.1")) flag++;
if (ubuntu_check(osver:"14.04", pkgname:"cpio", pkgver:"2.11+dfsg-1ubuntu1.1")) flag++;
if (ubuntu_check(osver:"14.10", pkgname:"cpio", pkgver:"2.11+dfsg-2ubuntu1.1")) flag++;
if (flag)
{
# At least one comparison flagged: report at warning severity on port 0,
# attaching whatever detail ubuntu_report_get() returns.
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
# Nothing flagged: distinguish "cpio was examined and is not affected"
# from "no cpio package was tested at all" (reported as not installed).
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cpio");
}
{"id": "UBUNTU_USN-2456-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : cpio vulnerabilities (USN-2456-1)", "description": "Michal Zalewski discovered an out of bounds write issue in the process_copy_in function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. (CVE-2014-9112)\n\nJakob Lell discovered a heap-based buffer overflow in the rmt_read__ function of GNU cpio's rmt client functionality. An attacker controlling a remote rmt server could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-0624).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-01-09T00:00:00", "modified": "2016-05-24T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80441", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2014-9112", "CVE-2010-0624"], "type": "nessus", "lastseen": "2017-10-29T13:37:30", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-9112", "CVE-2010-0624"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Michal Zalewski discovered an out of bounds write issue in the process_copy_in function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. (CVE-2014-9112)\n\nJakob Lell discovered a heap-based buffer overflow in the rmt_read__ function of GNU cpio's rmt client functionality. 
An attacker controlling a remote rmt server could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-0624).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "1bf800e37898058f8b90d5abb0f36192b9838fc5a952d10cebfb1c7a43859e46", "hashmap": [{"hash": "32786eac6dc4ab274900f630c92f6d3c", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "4e4647c0d8c08aca7129a55bf5b360fa", "key": "published"}, {"hash": "ddab325b78ee84639dc78b61e4febc39", "key": "modified"}, {"hash": "31e7a667f36ce7931861fd6f03ff2562", "key": "href"}, {"hash": "facb28268e1917f264d516f9cbc579d8", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "abcca042386f08c394305409e8bbe29b", "key": "description"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "68885b121c09dbce3c35b55b4c47ffa8", "key": "pluginID"}, {"hash": "30fcd7a32cd197eb5fe45b5f5e316333", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=80441", "id": "UBUNTU_USN-2456-1.NASL", "lastseen": "2016-09-26T17:24:24", "modified": "2016-05-24T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "80441", "published": "2015-01-09T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin 
were\n# extracted from Ubuntu Security Notice USN-2456-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80441);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/24 17:37:07 $\");\n\n script_cve_id(\"CVE-2010-0624\", \"CVE-2014-9112\");\n script_bugtraq_id(38628, 71248);\n script_osvdb_id(62857, 62950, 115187);\n script_xref(name:\"USN\", value:\"2456-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : cpio vulnerabilities (USN-2456-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Michal Zalewski discovered an out of bounds write issue in the\nprocess_copy_in function of GNU cpio. An attacker could specially\ncraft a cpio archive that could create a denial of service or possibly\nexecute arbitrary code. (CVE-2014-9112)\n\nJakob Lell discovered a heap-based buffer overflow in the rmt_read__\nfunction of GNU cpio's rmt client functionality. An attacker\ncontrolling a remote rmt server could use this to cause a denial of\nservice or possibly execute arbitrary code. This issue only affected\nUbuntu 10.04 LTS. (CVE-2010-0624).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cpio package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cpio\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2016 Canonical, Inc. / NASL script (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! 
ereg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cpio\", pkgver:\"2.10-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"cpio\", pkgver:\"2.11-7ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"cpio\", pkgver:\"2.11+dfsg-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"cpio\", pkgver:\"2.11+dfsg-2ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cpio\");\n}\n", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : cpio vulnerabilities (USN-2456-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:24"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "48b40699da2a3a923acc49cee033624f"}, {"key": "cvelist", "hash": "facb28268e1917f264d516f9cbc579d8"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "abcca042386f08c394305409e8bbe29b"}, {"key": "href", "hash": "31e7a667f36ce7931861fd6f03ff2562"}, {"key": "modified", "hash": "ddab325b78ee84639dc78b61e4febc39"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "68885b121c09dbce3c35b55b4c47ffa8"}, {"key": "published", "hash": "4e4647c0d8c08aca7129a55bf5b360fa"}, {"key": 
"references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "32786eac6dc4ab274900f630c92f6d3c"}, {"key": "title", "hash": "30fcd7a32cd197eb5fe45b5f5e316333"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "e4fbb3628ab1944053498fff1b157b41792080d82ee0520846d574deba2d834d", "viewCount": 0, "enchantments": {"vulnersScore": 2.8}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2456-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80441);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2016/05/24 17:37:07 $\");\n\n script_cve_id(\"CVE-2010-0624\", \"CVE-2014-9112\");\n script_bugtraq_id(38628, 71248);\n script_osvdb_id(62857, 62950, 115187);\n script_xref(name:\"USN\", value:\"2456-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : cpio vulnerabilities (USN-2456-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Michal Zalewski discovered an out of bounds write issue in the\nprocess_copy_in function of GNU cpio. An attacker could specially\ncraft a cpio archive that could create a denial of service or possibly\nexecute arbitrary code. (CVE-2014-9112)\n\nJakob Lell discovered a heap-based buffer overflow in the rmt_read__\nfunction of GNU cpio's rmt client functionality. 
An attacker\ncontrolling a remote rmt server could use this to cause a denial of\nservice or possibly execute arbitrary code. This issue only affected\nUbuntu 10.04 LTS. (CVE-2010-0624).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cpio package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:cpio\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2016 Canonical, Inc. 
/ NASL script (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"cpio\", pkgver:\"2.10-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"cpio\", pkgver:\"2.11-7ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"cpio\", pkgver:\"2.11+dfsg-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"cpio\", pkgver:\"2.11+dfsg-2ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cpio\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "80441", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:cpio", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"]}
{"result": {"cve": [{"id": "CVE-2014-9112", "type": "cve", "title": "CVE-2014-9112", "description": "Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.", "published": "2014-12-02T11:59:05", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9112", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-09-08T10:27:07"}, {"id": "CVE-2010-0624", "type": "cve", "title": "CVE-2010-0624", "description": "Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.", "published": "2010-03-15T09:28:25", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624", "cvelist": ["CVE-2010-0624"], "lastseen": "2017-09-19T13:36:52"}], "nessus": [{"id": "ORACLELINUX_ELSA-2015-2108.NASL", "type": "nessus", "title": "Oracle Linux 7 : cpio (ELSA-2015-2108)", "description": "From Red Hat Security Advisory 2015:2108 :\n\nUpdated cpio packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another.\n\nA heap-based buffer overflow flaw was found in cpio's list_file() function. An attacker could provide a specially crafted archive that, when processed by cpio, would crash cpio, or potentially lead to arbitrary code execution. (CVE-2014-9112)\n\nThis update fixes the following bugs :\n\n* Previously, during archive creation, cpio internals did not detect a read() system call failure. Based on the premise that the call succeeded, cpio terminated unexpectedly with a segmentation fault without processing further files. The underlying source code has been patched, and an archive is now created successfully. (BZ#1138148)\n\n* Previously, running the cpio command without parameters on Red Hat Enterprise Linux 7 with Russian as the default language resulted in an error message that was not accurate in Russian due to an error in spelling. This has been corrected and the Russian error message is spelled correctly. (BZ#1075513)\n\nAll cpio users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "published": "2015-11-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87021", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:44:53"}, {"id": "CENTOS_RHSA-2015-2108.NASL", "type": "nessus", "title": "CentOS 7 : cpio (CESA-2015:2108)", "description": "Updated cpio packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another.\n\nA heap-based buffer overflow flaw was found in cpio's list_file() function. An attacker could provide a specially crafted archive that, when processed by cpio, would crash cpio, or potentially lead to arbitrary code execution. (CVE-2014-9112)\n\nThis update fixes the following bugs :\n\n* Previously, during archive creation, cpio internals did not detect a read() system call failure. Based on the premise that the call succeeded, cpio terminated unexpectedly with a segmentation fault without processing further files. The underlying source code has been patched, and an archive is now created successfully. (BZ#1138148)\n\n* Previously, running the cpio command without parameters on Red Hat Enterprise Linux 7 with Russian as the default language resulted in an error message that was not accurate in Russian due to an error in spelling. This has been corrected and the Russian error message is spelled correctly. (BZ#1075513)\n\nAll cpio users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "published": "2015-12-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87130", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:32:54"}, {"id": "FEDORA_2014-16250.NASL", "type": "nessus", "title": "Fedora 20 : cpio-2.11-28.fc20 (2014-16250)", "description": "Security fix for CVE-2014-9112 (#1167573)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-01-06T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80364", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:36:38"}, {"id": "FEDORA_2014-16168.NASL", "type": "nessus", "title": "Fedora 21 : cpio-2.11-33.fc21 (2014-16168)", "description": "Security fix for CVE-2014-9112 (#1167573)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-12-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80089", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:37:29"}, {"id": "DEBIAN_DSA-3111.NASL", "type": "nessus", "title": "Debian DSA-3111-1 : cpio - security update", "description": "Michal Zalewski discovered an out of bounds write issue in cpio, a tool for creating and extracting cpio archive files. 
In the process of fixing that issue, the cpio developers found and fixed additional range checking and NULL pointer dereference issues.", "published": "2014-12-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80284", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:37:23"}, {"id": "DEBIAN_DLA-111.NASL", "type": "nessus", "title": "Debian DLA-111-1 : cpio security update", "description": "Multiple issues have been identified in cpio, including a buffer overflow and multiple NULL pointer dereference, resulting at least in a denial of service and possibly also in an unwanted code execution.\n\nThis has been fixed in Debian 6 Squeeze with version 2.11-4+deb6u1 by applying the upstream patches.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82095", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:44:55"}, {"id": "MANDRIVA_MDVSA-2014-250.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : cpio (MDVSA-2014:250)", "description": "Updated cpio package fixes security vulnerability :\n\nHeap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive (CVE-2014-9112).\n\nAdditionally, a NULL pointer dereference in the copyin_link function which could cause a denial of service has also been fixed.", "published": "2014-12-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": 
"https://www.tenable.com/plugins/index.php?view=single&id=79995", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:38:29"}, {"id": "OPENSUSE-2014-771.NASL", "type": "nessus", "title": "openSUSE Security Update : cpio (openSUSE-SU-2014:1643-1)", "description": "This cpio update fixes the following secuirty issue :\n\n - fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112)", "published": "2014-12-16T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80044", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:39:40"}, {"id": "REDHAT-RHSA-2015-2108.NASL", "type": "nessus", "title": "RHEL 7 : cpio (RHSA-2015:2108)", "description": "Updated cpio packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another.\n\nA heap-based buffer overflow flaw was found in cpio's list_file() function. An attacker could provide a specially crafted archive that, when processed by cpio, would crash cpio, or potentially lead to arbitrary code execution. (CVE-2014-9112)\n\nThis update fixes the following bugs :\n\n* Previously, during archive creation, cpio internals did not detect a read() system call failure. Based on the premise that the call succeeded, cpio terminated unexpectedly with a segmentation fault without processing further files. The underlying source code has been patched, and an archive is now created successfully. 
(BZ#1138148)\n\n* Previously, running the cpio command without parameters on Red Hat Enterprise Linux 7 with Russian as the default language resulted in an error message that was not accurate in Russian due to an error in spelling. This has been corrected and the Russian error message is spelled correctly. (BZ#1075513)\n\nAll cpio users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "published": "2015-11-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=86969", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:33:36"}, {"id": "SL_20151119_CPIO_ON_SL7_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : cpio on SL7.x x86_64", "description": "A heap-based buffer overflow flaw was found in cpio's list_file() function. An attacker could provide a specially crafted archive that, when processed by cpio, would crash cpio, or potentially lead to arbitrary code execution. (CVE-2014-9112)\n\nThis update fixes the following bugs :\n\n - Previously, during archive creation, cpio internals did not detect a read() system call failure. Based on the premise that the call succeeded, cpio terminated unexpectedly with a segmentation fault without processing further files. The underlying source code has been patched, and an archive is now created successfully.\n\n - Previously, running the cpio command without parameters on Scientific Linux 7 with Russian as the default language resulted in an error message that was not accurate in Russian due to an error in spelling. 
This has been corrected and the Russian error message is spelled correctly.", "published": "2015-12-22T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87552", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-29T13:42:58"}], "openvas": [{"id": "OPENVAS:1361412562310868805", "type": "openvas", "title": "Fedora Update for cpio FEDORA-2014-16168", "description": "Check the version of cpio", "published": "2015-01-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868805", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-07-25T10:52:35"}, {"id": "OPENVAS:703111", "type": "openvas", "title": "Debian Security Advisory DSA 3111-1 (cpio - security update)", "description": "Michal Zalewski discovered\nan out of bounds write issue in cpio, a tool for creating and extracting cpio\narchive files. 
In the process of fixing that issue, the cpio developers found\nand fixed additional range checking and null pointer dereference issues.", "published": "2014-12-22T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703111", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-07-28T10:49:05"}, {"id": "OPENVAS:1361412562310871486", "type": "openvas", "title": "RedHat Update for cpio RHSA-2015:2108-03", "description": "Check the version of cpio", "published": "2015-11-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871486", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-07-27T10:52:03"}, {"id": "OPENVAS:1361412562310122738", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2108", "description": "Oracle Linux Local Security Checks ELSA-2015-2108", "published": "2015-11-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122738", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-07-24T12:53:25"}, {"id": "OPENVAS:1361412562310703111", "type": "openvas", "title": "Debian Security Advisory DSA 3111-1 (cpio - security update)", "description": "Michal Zalewski discovered\nan out of bounds write issue in cpio, a tool for creating and extracting cpio\narchive files. 
In the process of fixing that issue, the cpio developers found\nand fixed additional range checking and null pointer dereference issues.", "published": "2014-12-22T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703111", "cvelist": ["CVE-2014-9112"], "lastseen": "2018-04-06T11:13:03"}, {"id": "OPENVAS:1361412562310121350", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201502-11", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201502-11", "published": "2015-09-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121350", "cvelist": ["CVE-2014-9112", "CVE-2015-1197"], "lastseen": "2018-04-09T11:29:32"}, {"id": "OPENVAS:1361412562310842040", "type": "openvas", "title": "Ubuntu Update for cpio USN-2456-1", "description": "Check the version of cpio", "published": "2015-01-23T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842040", "cvelist": ["CVE-2014-9112", "CVE-2010-0624"], "lastseen": "2017-12-04T11:23:54"}, {"id": "OPENVAS:861783", "type": "openvas", "title": "Fedora Update for tar FEDORA-2010-4309", "description": "Check for the Version of tar", "published": "2010-03-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=861783", "cvelist": ["CVE-2010-0624"], "lastseen": "2017-12-14T11:48:26"}, {"id": "OPENVAS:1361412562310870231", "type": "openvas", "title": "RedHat Update for cpio RHSA-2010:0143-01", "description": "Check for the Version of cpio", "published": "2010-03-22T00:00:00", "cvss": {"score": 6.8, "vector": 
"AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870231", "cvelist": ["CVE-2010-0624"], "lastseen": "2018-01-02T10:54:46"}, {"id": "OPENVAS:1361412562310880373", "type": "openvas", "title": "CentOS Update for cpio CESA-2010:0143 centos4 i386", "description": "Check for the Version of cpio", "published": "2010-03-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880373", "cvelist": ["CVE-2010-0624"], "lastseen": "2018-01-26T11:05:40"}], "redhat": [{"id": "RHSA-2015:2108", "type": "redhat", "title": "(RHSA-2015:2108) Moderate: cpio security and bug fix update", "description": "The cpio packages provide the GNU cpio utility for creating and extracting\narchives, or copying files from one place to another.\n\nA heap-based buffer overflow flaw was found in cpio's list_file() function.\nAn attacker could provide a specially crafted archive that, when processed\nby cpio, would crash cpio, or potentially lead to arbitrary code execution.\n(CVE-2014-9112)\n\nThis update fixes the following bugs:\n\n* Previously, during archive creation, cpio internals did not detect a\nread() system call failure. Based on the premise that the call succeeded,\ncpio terminated unexpectedly with a segmentation fault without processing\nfurther files. The underlying source code has been patched, and an archive\nis now created successfully. 
(BZ#1138148)\n\n* Previously, running the cpio command without parameters on Red Hat\nEnterprise Linux 7 with Russian as the default language resulted in an\nerror message that was not accurate in Russian due to an error in spelling.\nThis has been corrected and the Russian error message is spelled correctly.\n(BZ#1075513)\n\nAll cpio users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "published": "2015-11-19T19:43:07", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2108", "cvelist": ["CVE-2014-9112"], "lastseen": "2018-04-15T11:09:14"}, {"id": "RHSA-2010:0143", "type": "redhat", "title": "(RHSA-2010:0143) Moderate: cpio security update", "description": "GNU cpio copies files into or out of a cpio or tar archive.\n\nA heap-based buffer overflow flaw was found in the way cpio expanded\narchive files. If a user were tricked into expanding a specially-crafted\narchive, it could cause the cpio executable to crash or execute arbitrary\ncode with the privileges of the user running cpio. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting this\nissue.\n\nUsers of cpio are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.", "published": "2010-03-15T04:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0143", "cvelist": ["CVE-2010-0624"], "lastseen": "2017-09-09T07:19:38"}, {"id": "RHSA-2010:0142", "type": "redhat", "title": "(RHSA-2010:0142) Moderate: tar security update", "description": "The GNU tar program saves many files together in one archive and can\nrestore individual files (or all of the files) from that archive.\n\nA heap-based buffer overflow flaw was found in the way tar expanded archive\nfiles. 
If a user were tricked into expanding a specially-crafted archive,\nit could cause the tar executable to crash or execute arbitrary code with\nthe privileges of the user running tar. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting this\nissue.\n\nUsers of tar are advised to upgrade to this updated package, which contains\na backported patch to correct this issue.", "published": "2010-03-15T04:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0142", "cvelist": ["CVE-2010-0624"], "lastseen": "2017-08-01T06:58:11"}, {"id": "RHSA-2010:0144", "type": "redhat", "title": "(RHSA-2010:0144) Moderate: cpio security update", "description": "GNU cpio copies files into or out of a cpio or tar archive.\n\nA heap-based buffer overflow flaw was found in the way cpio expanded\narchive files. If a user were tricked into expanding a specially-crafted\narchive, it could cause the cpio executable to crash or execute arbitrary\ncode with the privileges of the user running cpio. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting the\nCVE-2010-0624 issue.\n\nA denial of service flaw was found in the way cpio expanded archive files.\nIf a user expanded a specially-crafted archive, it could cause the cpio\nexecutable to crash. 
(CVE-2007-4476)\n\nUsers of cpio are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.", "published": "2010-03-15T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0144", "cvelist": ["CVE-2007-4476", "CVE-2010-0624"], "lastseen": "2017-09-09T07:20:38"}, {"id": "RHSA-2010:0141", "type": "redhat", "title": "(RHSA-2010:0141) Moderate: tar security update", "description": "The GNU tar program saves many files together in one archive and can\nrestore individual files (or all of the files) from that archive.\n\nA heap-based buffer overflow flaw was found in the way tar expanded archive\nfiles. If a user were tricked into expanding a specially-crafted archive,\nit could cause the tar executable to crash or execute arbitrary code with\nthe privileges of the user running tar. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting the\nCVE-2010-0624 issue.\n\nA denial of service flaw was found in the way tar expanded archive files.\nIf a user expanded a specially-crafted archive, it could cause the tar\nexecutable to crash. (CVE-2007-4476)\n\nUsers of tar are advised to upgrade to this updated package, which contains\nbackported patches to correct these issues.", "published": "2010-03-15T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0141", "cvelist": ["CVE-2007-4476", "CVE-2010-0624"], "lastseen": "2017-09-09T07:19:45"}, {"id": "RHSA-2010:0145", "type": "redhat", "title": "(RHSA-2010:0145) Moderate: cpio security update", "description": "GNU cpio copies files into or out of a cpio or tar archive.\n\nA heap-based buffer overflow flaw was found in the way cpio expanded\narchive files. 
If a user were tricked into expanding a specially-crafted\narchive, it could cause the cpio executable to crash or execute arbitrary\ncode with the privileges of the user running cpio. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting the\nCVE-2010-0624 issue.\n\nA stack-based buffer overflow flaw was found in the way cpio expanded large\narchive files. If a user expanded a specially-crafted archive, it could\ncause the cpio executable to crash. This issue only affected 64-bit\nplatforms. (CVE-2005-4268)\n\nUsers of cpio are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.", "published": "2010-03-15T04:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0145", "cvelist": ["CVE-2005-4268", "CVE-2010-0624"], "lastseen": "2017-08-01T08:57:43"}], "oraclelinux": [{"id": "ELSA-2015-2108", "type": "oraclelinux", "title": "cpio security and bug fix update", "description": "[2.11-24]\n- fix for CVE-2014-9112\n[2.11-23]\n- better check for read() error (rhbz#1138148)\n- fix ru translation (rhbz#1075513)", "published": "2015-11-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-2108.html", "cvelist": ["CVE-2014-9112"], "lastseen": "2016-09-04T11:16:38"}, {"id": "ELSA-2010-0143", "type": "oraclelinux", "title": "cpio security update", "description": "[2.5-16.1]\n- CVE-2010-0624 fix heap-based buffer overflow by expanding\n a specially-crafted archive", "published": "2010-03-15T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0143.html", "cvelist": ["CVE-2010-0624"], "lastseen": "2016-09-04T11:16:18"}, {"id": "ELSA-2010-0142", "type": "oraclelinux", "title": "tar security update", 
"description": "[1.13.25-16.RHEL3]\n- CVE-2010-0624 - fix heap-based buffer overflow by expanding\n a specially-crafted archive", "published": "2010-03-15T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0142.html", "cvelist": ["CVE-2010-0624"], "lastseen": "2016-09-04T11:16:41"}, {"id": "ELSA-2010-0145", "type": "oraclelinux", "title": "cpio security update", "description": "[2.5-6]\n- CVE-2010-0624 fix heap-based buffer overflow by expanding\n a specially-crafted archive\n[2.5-5.RHEL3]\n- fix buffer overflow on 64-bit systems (#229191)", "published": "2010-03-15T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0145.html", "cvelist": ["CVE-2010-0624"], "lastseen": "2016-09-04T11:16:17"}, {"id": "ELSA-2010-0144", "type": "oraclelinux", "title": "cpio security update", "description": "[2.6-23.1]\n- CVE-2010-0624 fix heap-based buffer overflow by expanding\n a specially-crafted archive\n- CVE-2007-4476 fix stack crashing in safer_name_suffix ", "published": "2010-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0144.html", "cvelist": ["CVE-2007-4476", "CVE-2010-0624"], "lastseen": "2016-09-04T11:16:36"}, {"id": "ELSA-2010-0141", "type": "oraclelinux", "title": "tar security update", "description": "[2:1.15.1-23.0.1.2]\n- CVE-2007-4476 - fix stack crashing in safer_name_suffix\n- CVE-2010-0624 - fix heap-based buffer overflow by expanding\n a specially-crafted archive ", "published": "2010-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0141.html", "cvelist": ["CVE-2007-4476", "CVE-2010-0624"], "lastseen": "2016-09-04T11:16:57"}], 
"centos": [{"id": "CESA-2015:2108", "type": "centos", "title": "cpio security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:2108\n\n\nThe cpio packages provide the GNU cpio utility for creating and extracting\narchives, or copying files from one place to another.\n\nA heap-based buffer overflow flaw was found in cpio's list_file() function.\nAn attacker could provide a specially crafted archive that, when processed\nby cpio, would crash cpio, or potentially lead to arbitrary code execution.\n(CVE-2014-9112)\n\nThis update fixes the following bugs:\n\n* Previously, during archive creation, cpio internals did not detect a\nread() system call failure. Based on the premise that the call succeeded,\ncpio terminated unexpectedly with a segmentation fault without processing\nfurther files. The underlying source code has been patched, and an archive\nis now created successfully. (BZ#1138148)\n\n* Previously, running the cpio command without parameters on Red Hat\nEnterprise Linux 7 with Russian as the default language resulted in an\nerror message that was not accurate in Russian due to an error in spelling.\nThis has been corrected and the Russian error message is spelled correctly.\n(BZ#1075513)\n\nAll cpio users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/002174.html\n\n**Affected packages:**\ncpio\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2108.html", "published": "2015-11-30T19:26:10", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/002174.html", "cvelist": ["CVE-2014-9112"], "lastseen": "2017-10-03T18:26:21"}, {"id": "CESA-2010:0143", "type": "centos", "title": "cpio security update", "description": "**CentOS Errata and 
Security Advisory** CESA-2010:0143\n\n\nGNU cpio copies files into or out of a cpio or tar archive.\n\nA heap-based buffer overflow flaw was found in the way cpio expanded\narchive files. If a user were tricked into expanding a specially-crafted\narchive, it could cause the cpio executable to crash or execute arbitrary\ncode with the privileges of the user running cpio. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting this\nissue.\n\nUsers of cpio are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016572.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016573.html\n\n**Affected packages:**\ncpio\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0143.html", "published": "2010-03-17T16:35:58", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016572.html", "cvelist": ["CVE-2010-0624"], "lastseen": "2017-10-03T18:25:05"}, {"id": "CESA-2010:0142", "type": "centos", "title": "tar security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0142\n\n\nThe GNU tar program saves many files together in one archive and can\nrestore individual files (or all of the files) from that archive.\n\nA heap-based buffer overflow flaw was found in the way tar expanded archive\nfiles. If a user were tricked into expanding a specially-crafted archive,\nit could cause the tar executable to crash or execute arbitrary code with\nthe privileges of the user running tar. 
(CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting this\nissue.\n\nUsers of tar are advised to upgrade to this updated package, which contains\na backported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016564.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016565.html\n\n**Affected packages:**\ntar\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0142.html", "published": "2010-03-17T16:26:37", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016564.html", "cvelist": ["CVE-2010-0624"], "lastseen": "2017-10-12T14:45:38"}, {"id": "CESA-2010:0141", "type": "centos", "title": "tar security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0141\n\n\nThe GNU tar program saves many files together in one archive and can\nrestore individual files (or all of the files) from that archive.\n\nA heap-based buffer overflow flaw was found in the way tar expanded archive\nfiles. If a user were tricked into expanding a specially-crafted archive,\nit could cause the tar executable to crash or execute arbitrary code with\nthe privileges of the user running tar. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting the\nCVE-2010-0624 issue.\n\nA denial of service flaw was found in the way tar expanded archive files.\nIf a user expanded a specially-crafted archive, it could cause the tar\nexecutable to crash. 
(CVE-2007-4476)\n\nUsers of tar are advised to upgrade to this updated package, which contains\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016558.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016559.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016570.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016571.html\n\n**Affected packages:**\ntar\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0141.html", "published": "2010-03-16T13:59:13", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016558.html", "cvelist": ["CVE-2007-4476", "CVE-2010-0624"], "lastseen": "2017-10-03T18:24:53"}, {"id": "CESA-2010:0144", "type": "centos", "title": "cpio security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0144\n\n\nGNU cpio copies files into or out of a cpio or tar archive.\n\nA heap-based buffer overflow flaw was found in the way cpio expanded\narchive files. If a user were tricked into expanding a specially-crafted\narchive, it could cause the cpio executable to crash or execute arbitrary\ncode with the privileges of the user running cpio. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting the\nCVE-2010-0624 issue.\n\nA denial of service flaw was found in the way cpio expanded archive files.\nIf a user expanded a specially-crafted archive, it could cause the cpio\nexecutable to crash. 
(CVE-2007-4476)\n\nUsers of cpio are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016556.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016557.html\n\n**Affected packages:**\ncpio\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0144.html", "published": "2010-03-16T13:58:04", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016556.html", "cvelist": ["CVE-2007-4476", "CVE-2010-0624"], "lastseen": "2017-10-03T18:26:18"}, {"id": "CESA-2010:0145", "type": "centos", "title": "cpio security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0145\n\n\nGNU cpio copies files into or out of a cpio or tar archive.\n\nA heap-based buffer overflow flaw was found in the way cpio expanded\narchive files. If a user were tricked into expanding a specially-crafted\narchive, it could cause the cpio executable to crash or execute arbitrary\ncode with the privileges of the user running cpio. (CVE-2010-0624)\n\nRed Hat would like to thank Jakob Lell for responsibly reporting the\nCVE-2010-0624 issue.\n\nA stack-based buffer overflow flaw was found in the way cpio expanded large\narchive files. If a user expanded a specially-crafted archive, it could\ncause the cpio executable to crash. This issue only affected 64-bit\nplatforms. 
(CVE-2005-4268)\n\nUsers of cpio are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016562.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016563.html\n\n**Affected packages:**\ncpio\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0145.html", "published": "2010-03-17T16:25:35", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016562.html", "cvelist": ["CVE-2005-4268", "CVE-2010-0624"], "lastseen": "2017-10-12T14:45:27"}], "archlinux": [{"id": "ASA-201501-5", "type": "archlinux", "title": "cpio: heap buffer overflow", "description": "A heap-based buffer overflow flaw was reported in cpio's list_file()\nfunction. Attempting to extract a malicious cpio archive could cause\ncpio to crash or, potentially, execute arbitrary code.\nAs noted in the original report, this issue could be triggered via other\nutilities, such as when running \"less\".", "published": "2015-01-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html", "cvelist": ["CVE-2014-9112"], "lastseen": "2016-09-02T18:44:47"}], "debian": [{"id": "DSA-3111", "type": "debian", "title": "cpio -- security update", "description": "Michal Zalewski discovered an out of bounds write issue in cpio, a tool for creating and extracting cpio archive files. 
In the process of fixing that issue, the cpio developers found and fixed additional range checking and null pointer dereference issues.\n\nFor the stable distribution (wheezy), this problem has been fixed in version 2.11+dfsg-0.1+deb7u1.\n\nFor the upcoming stable distribution (jessie), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.11+dfsg-4.\n\nWe recommend that you upgrade your cpio packages.", "published": "2014-12-22T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3111", "cvelist": ["CVE-2014-9112"], "lastseen": "2016-09-02T18:23:22"}, {"id": "DLA-111", "type": "debian", "title": "cpio -- LTS security update", "description": "Multiple issues have been identified in cpio, including a buffer overflow and multiple NULL pointer dereference, resulting at least in a denial of service and possibly also in an unwanted code execution.\n\nThis has been fixed in Debian 6 Squeeze with version 2.11-4+deb6u1 by applying the upstream patches.", "published": "2014-12-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/2014/dla-111", "cvelist": ["CVE-2014-9112"], "lastseen": "2016-09-02T12:56:58"}], "freebsd": [{"id": "72EE9707-D7B2-11E4-8D8E-F8B156B6DCC8", "type": "freebsd", "title": "cpio -- multiple vulnerabilities", "description": "\nFrom the Debian Security Team:\n\nHeap-based buffer overflow in the process_copy_in\n\t function in GNU Cpio 2.11 allows remote attackers to cause\n\t a denial of service via a large block value in a cpio\n\t archive.\n\n\ncpio 2.11, when using the --no-absolute-filenames\n\t option, allows local users to write to arbitrary files\n\t via a symlink attack on a file in an archive.\n\n", "published": "2015-03-27T00:00:00", "cvss": {"score": 5.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/72ee9707-d7b2-11e4-8d8e-f8b156b6dcc8.html", "cvelist": ["CVE-2014-9112", "CVE-2015-1197"], "lastseen": "2016-09-26T17:24:20"}, {"id": "C175D72F-3773-11DF-8BB8-0211D880E350", "type": "freebsd", "title": "gtar -- buffer overflow in rmt client", "description": "\nJakob Lell reports:\n\nThe rmt client implementation of GNU Tar/Cpio contains\n\t a heap-based buffer overflow which possibly allows\n\t arbitrary code execution.\nThe problem can be exploited when using an\n\t untrusted/compromised rmt server.\n\n", "published": "2010-03-24T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/c175d72f-3773-11df-8bb8-0211d880e350.html", "cvelist": ["CVE-2010-0624"], "lastseen": "2016-09-26T17:24:49"}], "ubuntu": [{"id": "USN-2456-1", "type": "ubuntu", "title": "GNU cpio vulnerabilities", "description": "Michal Zalewski discovered an out of bounds write issue in the process_copy_in function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. (CVE-2014-9112)\n\nJakob Lell discovered a heap-based buffer overflow in the rmt_read__ function of GNU cpio\u2019s rmt client functionality. An attacker controlling a remote rmt server could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. 
(CVE-2010-0624)", "published": "2015-01-08T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2456-1/", "cvelist": ["CVE-2014-9112", "CVE-2010-0624"], "lastseen": "2018-03-29T18:19:32"}], "gentoo": [{"id": "GLSA-201502-11", "type": "gentoo", "title": "GNU cpio: Multiple vulnerabilities", "description": "### Background\n\nGNU cpio copies files into or out of a cpio or tar archive.\n\n### Description\n\nTwo vulnerabilities have been discovered in GNU cpio:\n\n * The list_file function in GNU cpio contains a heap-based buffer overflow vulnerability (CVE-2014-9112) \n * A directory traversal vulnerability has been found in GNU cpio (CVE-2015-1197) \n\n### Impact\n\nA remote attacker may be able to entice a user to open a specially crafted archive using GNU cpio, possibly resulting in execution of arbitrary code, a Denial of Service condition, or overwriting arbitrary files. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GNU cpio users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/cpio-2.11-r3\"", "published": "2015-02-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201502-11", "cvelist": ["CVE-2014-9112", "CVE-2015-1197"], "lastseen": "2016-09-06T19:46:23"}, {"id": "GLSA-201311-21", "type": "gentoo", "title": "cpio: Arbitrary code execution", "description": "### Background\n\nGNU cpio copies files into or out of a cpio or tar archive.\n\n### Description\n\nCpio contains a heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c. \n\n### Impact\n\nA remote server could send more data than was requested, related to archive filenames that contain a : (colon) character, possibly resulting in execution of arbitrary code or a Denial of Service condition. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll cpio users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/cpio-2.11\"", "published": "2013-11-28T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201311-21", "cvelist": ["CVE-2010-0624"], "lastseen": "2016-09-06T19:46:21"}, {"id": "GLSA-201111-11", "type": "gentoo", "title": "GNU Tar: User-assisted execution of arbitrary code", "description": "### Background\n\nGNU Tar is a utility to create archives as well as add and extract files from archives. \n\n### Description\n\nGNU Tar is vulnerable to a boundary error in the rmt_read__ function in lib/rtapelib.c, which could cause a heap-based buffer overflow. \n\n### Impact\n\nA remote attacker could entice the user to load a specially crafted archive, possibly resulting in the execution of arbitrary code or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GNU Tar users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/tar-1.23\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since July 18, 2010. It is likely that your system is already no longer affected by this issue.", "published": "2011-11-20T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201111-11", "cvelist": ["CVE-2010-0624"], "lastseen": "2016-09-06T19:46:50"}], "vmware": [{"id": "VMSA-2010-0013", "type": "vmware", "title": "VMware ESX third party updates for Service Console", "description": "a. 
Service Console update for cpio \n \nThe service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el5_4.1 for ESX 4.x versions. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-4268 and CVE-2010-0624 to the issues addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "published": "2010-08-31T00:00:00", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2010-0013.html", "cvelist": ["CVE-2007-4476", "CVE-2008-5302", "CVE-2008-5303", "CVE-2010-1168", "CVE-2005-4268", "CVE-2010-0624", "CVE-2010-1447", "CVE-2010-1321", "CVE-2010-2063"], "lastseen": "2016-09-04T11:19:35"}], "seebug": [{"id": "SSV:30015", "type": "seebug", "title": "VMware ESX Service Console\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "description": "CVE ID: CVE-2005-4268,CVE-2010-0624,CVE-2007-4476,CVE-2010-2063,CVE-2010-1321,CVE-2010-1168,CVE-2010-1447,CVE-2008-5302,CVE-2008-5303\r\n\r\nVMware ESX Server\u662f\u4e3a\u9002\u7528\u4e8e\u4efb\u4f55\u7cfb\u7edf\u73af\u5883\u7684\u4f01\u4e1a\u7ea7\u865a\u62df\u8ba1\u7b97\u673a\u8f6f\u4ef6\u3002\r\n\r\nESX Console OS (COS)\u5728cpio\u3001tar\u3001perl\u3001krb5\u3001samba\u7b49\u5e94\u7528\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u5176\u4e2d\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\u53ef\u9020\u6210\u670d\u52a1\u5668\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nVMWare ESX 
Server\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nVMWare\r\n------\r\nVMWare\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08VMSA-2010-0013\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nVMSA-2010-0013\uff1aVMware ESX third party updates for Service Console\r\n\r\n\u94fe\u63a5\uff1ahttp://www.vmware.com/security/advisories/VMSA-2010-0013.html", "published": "2012-01-13T00:00:00", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-30015", "cvelist": ["CVE-2005-4268", "CVE-2007-4476", "CVE-2008-5302", "CVE-2008-5303", "CVE-2010-0624", "CVE-2010-1168", "CVE-2010-1321", "CVE-2010-1447", "CVE-2010-2063"], "lastseen": "2017-11-19T18:00:40"}]}}