ID RHSA-2006:0232 Type redhat Reporter RedHat Modified 2017-09-08T08:17:29
Description
The GNU tar program saves many files together in one archive and can
restore individual files (or all of the files) from that archive.
Jim Meyering discovered a buffer overflow bug in the way GNU tar extracts
malformed archives. By tricking a user into extracting a malicious tar
archive, it is possible to execute arbitrary code as the user running tar.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-0300 to this issue.
Users of tar should upgrade to this updated package, which contains a
backported patch to correct this issue.
{"id": "RHSA-2006:0232", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2006:0232) tar security update", "description": "The GNU tar program saves many files together in one archive and can\r\nrestore individual files (or all of the files) from that archive.\r\n\r\nJim Meyering discovered a buffer overflow bug in the way GNU tar extracts\r\nmalformed archives. By tricking a user into extracting a malicious tar\r\narchive, it is possible to execute arbitrary code as the user running tar.\r\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) assigned\r\nthe name CVE-2006-0300 to this issue.\r\n\r\nUsers of tar should upgrade to this updated package, which contains a\r\nbackported patch to correct this issue.", "published": "2006-03-01T00:00:00", "modified": "2017-09-08T08:17:29", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://access.redhat.com/errata/RHSA-2006:0232", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2006-0300"], "immutableFields": [], "lastseen": "2021-10-21T04:45:16", "viewCount": 1, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2006:0232"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2006-161"]}, {"type": "cve", "idList": ["CVE-2006-0300"]}, {"type": "debian", "idList": ["DEBIAN:DSA-987-1:0FC63", "DEBIAN:DSA-987-1:F1041"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-0300"]}, {"type": "freebsd", "idList": ["6107EFB9-AAE3-11DA-AEA1-000854D03344"]}, {"type": "gentoo", "idList": ["GLSA-200603-06"]}, {"type": "nessus", "idList": ["3947.PRM", "CENTOS_RHSA-2006-0232.NASL", "DEBIAN_DSA-987.NASL", "FREEBSD_PKG_6107EFB9AAE311DAAEA1000854D03344.NASL", "GENTOO_GLSA-200603-06.NASL", "MACOSX_10_4_9.NASL", "MACOSX_SECUPD2007-004.NASL", "MANDRAKE_MDKSA-2006-046.NASL", "NEWSTART_CGSL_NS-SA-2019-0089_TAR.NASL", "NEWSTART_CGSL_NS-SA-2019-0153_TAR.NASL", "REDHAT-RHSA-2006-0232.NASL", "SOLARIS10_139099-04.NASL", "SOLARIS10_139099-07.NASL", "SOLARIS10_139099.NASL", "SOLARIS10_X86_139100-04.NASL", "SOLARIS10_X86_139100-07.NASL", "SOLARIS10_X86_139100.NASL", "SOLARIS9_118191.NASL", "SOLARIS9_X86_118192.NASL", "UBUNTU_USN-257-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310855115", "OPENVAS:1361412562310855178", "OPENVAS:1361412562310855295", "OPENVAS:1361412562310855348", "OPENVAS:1361412562310855413", "OPENVAS:1361412562310855433", "OPENVAS:56350", "OPENVAS:56393", "OPENVAS:56414", "OPENVAS:855115", "OPENVAS:855178", "OPENVAS:855295", "OPENVAS:855348", "OPENVAS:855413", "OPENVAS:855433"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:11548"]}, {"type": "ubuntu", "idList": ["USN-257-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2006-0300"]}], "rev": 4}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2006:0232"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2006-161"]}, {"type": "cve", "idList": ["CVE-2006-0300"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-0300"]}, {"type": "freebsd", "idList": ["6107EFB9-AAE3-11DA-AEA1-000854D03344"]}, {"type": "nessus", "idList": ["UBUNTU_USN-257-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310855115", "OPENVAS:855178"]}]}, "exploitation": null, "vulnersScore": 6.8}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "arch": "s390x", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.s390x.rpm", "operator": "lt", "packageName": "tar"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.ia64.rpm", "operator": "lt", "packageName": "tar"}, {"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.i386.rpm", "operator": "lt", "packageName": "tar"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ppc", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.ppc.rpm", "operator": "lt", "packageName": "tar"}, {"OS": "RedHat", "OSVersion": "any", "arch": "src", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.src.rpm", "operator": "lt", "packageName": "tar"}, {"OS": "RedHat", "OSVersion": "any", "arch": "s390", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.s390.rpm", "operator": "lt", "packageName": "tar"}, {"OS": "RedHat", "OSVersion": "any", "arch": "x86_64", "packageVersion": "1.14-9.RHEL4", "packageFilename": "tar-1.14-9.RHEL4.x86_64.rpm", "operator": "lt", "packageName": "tar"}], "vendorCvss": {"severity": "moderate"}, "_state": {"dependencies": 1647314399}}
{"nessus": [{"lastseen": "2021-08-19T13:16:05", "description": "An updated tar package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having Moderate security impact by the Red Hat Security Response Team.\n\nThe GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive.\n\nJim Meyering discovered a buffer overflow bug in the way GNU tar extracts malformed archives. By tricking a user into extracting a malicious tar archive, it is possible to execute arbitrary code as the user running tar. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2006-0300 to this issue.\n\nUsers of tar should upgrade to this updated package, which contains a backported patch to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2006-03-06T00:00:00", "type": "nessus", "title": "RHEL 4 : tar (RHSA-2006:0232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tar", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2006-0232.NASL", "href": "https://www.tenable.com/plugins/nessus/21005", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0232. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21005);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_xref(name:\"RHSA\", value:\"2006:0232\");\n\n script_name(english:\"RHEL 4 : tar (RHSA-2006:0232)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated tar package that fixes a buffer overflow bug is now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having Moderate security impact by the\nRed Hat Security Response Team.\n\nThe GNU tar program saves many files together in one archive and can\nrestore individual files (or all of the files) from that archive.\n\nJim Meyering discovered a buffer overflow bug in the way GNU tar\nextracts malformed archives. By tricking a user into extracting a\nmalicious tar archive, it is possible to execute arbitrary code as the\nuser running tar. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) assigned the name CVE-2006-0300 to this issue.\n\nUsers of tar should upgrade to this updated package, which contains a\nbackported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-0300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0232\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tar package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0232\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"tar-1.14-9.RHEL4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tar\");\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:45", "description": "SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Jul/16/18", "cvss3": {"score": null, "vector": null}, "published": "2018-07-17T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 139099-07", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2020-01-07T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:139099", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_139099-07.NASL", "href": "https://www.tenable.com/plugins/nessus/111115", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111115);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/07\");\n\n script_cve_id(\"CVE-2006-0300\");\n\n script_name(english:\"Solaris 10 (sparc) : 139099-07\");\n script_summary(english:\"Check for patch 139099-07\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 139099-07\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Jul/16/18\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/139099-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 139099-07 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2006-0300\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:139099\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-07\", obsoleted_by:\"\", package:\"SUNWgtar\", version:\"11.10.0,REV=2005.01.08.05.16\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-07\", obsoleted_by:\"\", package:\"SUNWgtarS\", version:\"11.10.0,REV=2005.01.08.05.16\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-07\", obsoleted_by:\"\", package:\"SUNWsfinf\", version:\"11.10.0,REV=2005.01.08.05.16\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWgtar / SUNWgtarS / SUNWsfinf / SUNWsfman\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:15:47", "description": "GNU tar is vulnerable to a buffer overflow, caused by improper bounds checking of the PAX extended headers. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.", "cvss3": {"score": null, "vector": null}, "published": "2006-05-13T00:00:00", "type": "nessus", "title": "FreeBSD : gtar -- invalid headers buffer overflow (6107efb9-aae3-11da-aea1-000854d03344)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gtar", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_6107EFB9AAE311DAAEA1000854D03344.NASL", "href": "https://www.tenable.com/plugins/nessus/21437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21437);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_bugtraq_id(16764);\n\n script_name(english:\"FreeBSD : gtar -- invalid headers buffer overflow (6107efb9-aae3-11da-aea1-000854d03344)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"GNU tar is vulnerable to a buffer overflow, caused by improper bounds\nchecking of the PAX extended headers. By tricking an user into\nprocessing a specially crafted tar archive, this could be exploited to\nexecute arbitrary code with the privileges of the user.\"\n );\n # https://vuxml.freebsd.org/freebsd/6107efb9-aae3-11da-aea1-000854d03344.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0cc80517\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gtar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gtar<1.15.1_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:15:37", "description": "An updated tar package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having Moderate security impact by the Red Hat Security Response Team.\n\nThe GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive.\n\nJim Meyering discovered a buffer overflow bug in the way GNU tar extracts malformed archives. By tricking a user into extracting a malicious tar archive, it is possible to execute arbitrary code as the user running tar. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2006-0300 to this issue.\n\nUsers of tar should upgrade to this updated package, which contains a backported patch to correct this issue.", "cvss3": {"score": null, "vector": null}, "published": "2006-07-05T00:00:00", "type": "nessus", "title": "CentOS 4 : tar (CESA-2006:0232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tar", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2006-0232.NASL", "href": "https://www.tenable.com/plugins/nessus/21988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0232 and \n# CentOS Errata and Security Advisory 2006:0232 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21988);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_xref(name:\"RHSA\", value:\"2006:0232\");\n\n script_name(english:\"CentOS 4 : tar (CESA-2006:0232)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated tar package that fixes a buffer overflow bug is now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having Moderate security impact by the\nRed Hat Security Response Team.\n\nThe GNU tar program saves many files together in one archive and can\nrestore individual files (or all of the files) from that archive.\n\nJim Meyering discovered a buffer overflow bug in the way GNU tar\nextracts malformed archives. By tricking a user into extracting a\nmalicious tar archive, it is possible to execute arbitrary code as the\nuser running tar. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) assigned the name CVE-2006-0300 to this issue.\n\nUsers of tar should upgrade to this updated package, which contains a\nbackported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-March/012690.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?24ef4cc7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-March/012693.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d160c37\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-March/012694.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76da94de\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tar package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"tar-1.14-9.RHEL4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tar\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:09:39", "description": "SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\n\nThis plugin has been deprecated and either replaced with individual 139099 patch-revision plugins, or deemed non-security related.", "cvss3": {"score": null, "vector": null}, "published": "2008-09-08T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 139099-04 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS10_139099.NASL", "href": "https://www.tenable.com/plugins/nessus/34106", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34106);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\");\n\n script_name(english:\"Solaris 10 (sparc) : 139099-04 (deprecated)\");\n script_summary(english:\"Check for patch 139099-04\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\n\nThis plugin has been deprecated and either replaced with individual\n139099 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/139099-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 139099 instead.\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:15:59", "description": "The remote host is affected by the vulnerability described in GLSA-200603-06 (GNU tar: Buffer overflow)\n\n Jim Meyering discovered a flaw in the handling of certain header fields that could result in a buffer overflow when extracting or listing the contents of an archive.\n Impact :\n\n A remote attacker could construct a malicious tar archive that could potentially execute arbitrary code with the privileges of the user running GNU tar.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2006-03-13T00:00:00", "type": "nessus", "title": "GLSA-200603-06 : GNU tar: Buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:tar", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200603-06.NASL", "href": "https://www.tenable.com/plugins/nessus/21044", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200603-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21044);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_xref(name:\"GLSA\", value:\"200603-06\");\n\n script_name(english:\"GLSA-200603-06 : GNU tar: Buffer overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200603-06\n(GNU tar: Buffer overflow)\n\n Jim Meyering discovered a flaw in the handling of certain header\n fields that could result in a buffer overflow when extracting or\n listing the contents of an archive.\n \nImpact :\n\n A remote attacker could construct a malicious tar archive that\n could potentially execute arbitrary code with the privileges of the\n user running GNU tar.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200603-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GNU tar users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/tar-1.15.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:tar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-arch/tar\", unaffected:make_list(\"ge 1.15.1-r1\"), vulnerable:make_list(\"lt 1.15.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GNU tar\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:09:15", "description": "SunOS 5.9_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "cvss3": {"score": null, "vector": null}, "published": "2008-12-02T00:00:00", "type": "nessus", "title": "Solaris 9 (x86) : 118192-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_X86_118192.NASL", "href": "https://www.tenable.com/plugins/nessus/35001", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35001);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\");\n\n script_name(english:\"Solaris 9 (x86) : 118192-05\");\n script_summary(english:\"Check for patch 118192-05\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 118192-05\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/118192-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"118192-05\", obsoleted_by:\"\", package:\"SUNWgtar\", version:\"11.9.0,REV=2002.03.02.00.30\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:19:00", "description": "SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Jul/16/18", "cvss3": {"score": null, "vector": null}, "published": "2018-07-17T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 139100-07", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2020-01-07T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:139100", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_139100-07.NASL", "href": "https://www.tenable.com/plugins/nessus/111125", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111125);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/07\");\n\n script_cve_id(\"CVE-2006-0300\");\n\n script_name(english:\"Solaris 10 (x86) : 139100-07\");\n script_summary(english:\"Check for patch 139100-07\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 139100-07\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Jul/16/18\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/139100-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 139100-07 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2006-0300\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:139100\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139100-07\", obsoleted_by:\"\", package:\"SUNWgtar\", version:\"11.10.0,REV=2005.01.08.01.09\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139100-07\", obsoleted_by:\"\", package:\"SUNWgtarS\", version:\"11.10.0,REV=2005.01.08.01.09\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139100-07\", obsoleted_by:\"\", package:\"SUNWsfinf\", version:\"11.10.0,REV=2005.01.08.01.09\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWgtar / SUNWgtarS / SUNWsfinf / SUNWsfman\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:15:55", "description": "Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.\n\nThe tar version in Ubuntu 4.10 is not affected by this vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2006-03-13T00:00:00", "type": "nessus", "title": "Ubuntu 5.04 / 5.10 : tar vulnerability (USN-257-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:tar", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:5.10"], "id": "UBUNTU_USN-257-1.NASL", "href": "https://www.tenable.com/plugins/nessus/21065", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-257-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21065);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_xref(name:\"USN\", value:\"257-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 : tar vulnerability (USN-257-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jim Meyering discovered that tar did not properly verify the validity\nof certain header fields in a GNU tar archive. By tricking an user\ninto processing a specially crafted tar archive, this could be\nexploited to execute arbitrary code with the privileges of the user.\n\nThe tar version in Ubuntu 4.10 is not affected by this vulnerability.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tar package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"tar\", pkgver:\"1.14-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"tar\", pkgver:\"1.15.1-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tar\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:15:00", "description": "Jim Meyering discovered several buffer overflows in GNU tar, which may lead to the execution of arbitrary code through specially crafted tar archives.", "cvss3": {"score": null, "vector": null}, "published": "2006-10-14T00:00:00", "type": "nessus", "title": "Debian DSA-987-1 : tar - buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tar", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-987.NASL", "href": "https://www.tenable.com/plugins/nessus/22853", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-987. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22853);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_xref(name:\"DSA\", value:\"987\");\n\n script_name(english:\"Debian DSA-987-1 : tar - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jim Meyering discovered several buffer overflows in GNU tar, which may\nlead to the execution of arbitrary code through specially crafted tar\narchives.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-987\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tar package.\n\nThe old stable distribution (woody) is not affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.14-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"tar\", reference:\"1.14-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:16:05", "description": "Gnu tar versions 1.14 and above have a buffer overflow vulnerability and some other issues including :\n\n - Carefully crafted invalid headers can cause buffer overrun.\n\n - Invalid header fields go undiagnosed.\n\n - Some valid time strings are ignored.\n\nThe updated packages have been patched to address this issue.", "cvss3": {"score": null, "vector": null}, "published": "2006-02-22T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : tar (MDKSA-2006:046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tar", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandriva:linux:2006", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005"], "id": "MANDRAKE_MDKSA-2006-046.NASL", "href": "https://www.tenable.com/plugins/nessus/20964", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:046. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20964);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0300\");\n script_xref(name:\"MDKSA\", value:\"2006:046\");\n\n script_name(english:\"Mandrake Linux Security Advisory : tar (MDKSA-2006:046)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gnu tar versions 1.14 and above have a buffer overflow vulnerability\nand some other issues including :\n\n - Carefully crafted invalid headers can cause buffer\n overrun.\n\n - Invalid header fields go undiagnosed.\n\n - Some valid time strings are ignored.\n\nThe updated packages have been patched to address this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected tar package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tar\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"tar-1.14-1.1.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"tar-1.15.1-2.1.102mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2006.0\", reference:\"tar-1.15.1-5.1.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:09:11", "description": "SunOS 5.9: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "cvss3": {"score": null, "vector": null}, "published": "2008-12-02T00:00:00", "type": "nessus", "title": "Solaris 9 (sparc) : 118191-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_118191.NASL", "href": "https://www.tenable.com/plugins/nessus/34997", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34997);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\");\n\n script_name(english:\"Solaris 9 (sparc) : 118191-05\");\n script_summary(english:\"Check for patch 118191-05\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 118191-05\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/118191-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"118191-05\", obsoleted_by:\"\", package:\"SUNWgtar\", version:\"11.9.0,REV=2002.03.02.00.35\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:09:42", "description": "SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\n\nThis plugin has been deprecated and either replaced with individual 139100 patch-revision plugins, or deemed non-security related.", "cvss3": {"score": null, "vector": null}, "published": "2008-09-08T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 139100-04 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS10_X86_139100.NASL", "href": "https://www.tenable.com/plugins/nessus/34107", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34107);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\");\n\n script_name(english:\"Solaris 10 (x86) : 139100-04 (deprecated)\");\n script_summary(english:\"Check for patch 139100-04\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\n\nThis plugin has been deprecated and either replaced with individual\n139100 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/139100-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 139100 instead.\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:33:34", "description": "SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 139099-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300", "CVE-2010-0624"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:139099", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_139099-04.NASL", "href": "https://www.tenable.com/plugins/nessus/107509", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107509);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\", \"CVE-2010-0624\");\n\n script_name(english:\"Solaris 10 (sparc) : 139099-04\");\n script_summary(english:\"Check for patch 139099-04\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 139099-04\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/139099-04\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 139099-04\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:139099\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-04\", obsoleted_by:\"\", package:\"SUNWgtar\", version:\"11.10.0,REV=2005.01.08.05.16\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-04\", obsoleted_by:\"\", package:\"SUNWgtarS\", version:\"11.10.0,REV=2005.01.08.05.16\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-04\", obsoleted_by:\"\", package:\"SUNWsfinf\", version:\"11.10.0,REV=2005.01.08.05.16\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWgtar / SUNWgtarS / SUNWsfinf / SUNWsfman\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:33:34", "description": "SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "cvss3": {"score": null, "vector": null}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 139100-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300", "CVE-2010-0624"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:139100", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_139100-04.NASL", "href": "https://www.tenable.com/plugins/nessus/108007", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108007);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0300\", \"CVE-2010-0624\");\n\n script_name(english:\"Solaris 10 (x86) : 139100-04\");\n script_summary(english:\"Check for patch 139100-04\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 139100-04\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/139100-04\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 139100-04\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:139100\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139100-04\", obsoleted_by:\"\", package:\"SUNWgtar\", version:\"11.10.0,REV=2005.01.08.01.09\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139100-04\", obsoleted_by:\"\", package:\"SUNWgtarS\", version:\"11.10.0,REV=2005.01.08.01.09\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139100-04\", obsoleted_by:\"\", package:\"SUNWsfinf\", version:\"11.10.0,REV=2005.01.08.01.09\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWgtar / SUNWgtarS / SUNWsfinf / SUNWsfman\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-20T15:05:10", "description": "The remote NewStart CGSL host, running version MAIN 4.06, has tar packages installed that are affected by multiple vulnerabilities:\n\n - Buffer overflow in tar 1.14 through 1.15.90 allows user- assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.\n (CVE-2006-0300)\n\n - GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216. (CVE-2006-6097)\n\n - Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.\n (CVE-2007-4131)\n\n - Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a crashing stack. (CVE-2007-4476)\n\n - Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.\n (CVE-2010-0624)\n\n - Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. (CVE-2016-6321)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.06 : tar Multiple Vulnerabilities (NS-SA-2019-0089)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2002-1216", "CVE-2006-0300", "CVE-2006-6097", "CVE-2007-4131", "CVE-2007-4476", "CVE-2010-0624", "CVE-2016-6321"], "modified": "2022-05-19T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0089_TAR.NASL", "href": "https://www.tenable.com/plugins/nessus/127307", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0089. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127307);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2006-0300\",\n \"CVE-2006-6097\",\n \"CVE-2007-4131\",\n \"CVE-2007-4476\",\n \"CVE-2010-0624\",\n \"CVE-2016-6321\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 4.06 : tar Multiple Vulnerabilities (NS-SA-2019-0089)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.06, has tar packages installed that are affected by multiple\nvulnerabilities:\n\n - Buffer overflow in tar 1.14 through 1.15.90 allows user-\n assisted attackers to cause a denial of service\n (application crash) and possibly execute code via\n unspecified vectors involving PAX extended headers.\n (CVE-2006-0300)\n\n - GNU tar 1.16 and 1.15.1, and possibly other versions,\n allows user-assisted attackers to overwrite arbitrary\n files via a tar file that contains a GNUTYPE_NAMES\n record with a symbolic link, which is not properly\n handled by the extract_archive function in extract.c and\n extract_mangle function in mangle.c, a variant of\n CVE-2002-1216. (CVE-2006-6097)\n\n - Directory traversal vulnerability in the\n contains_dot_dot function in src/names.c in GNU tar\n allows user-assisted remote attackers to overwrite\n arbitrary files via certain //.. (slash slash dot dot)\n sequences in directory symlinks in a TAR archive.\n (CVE-2007-4131)\n\n - Buffer overflow in the safer_name_suffix function in GNU\n tar has unspecified attack vectors and impact, resulting\n in a crashing stack. (CVE-2007-4476)\n\n - Heap-based buffer overflow in the rmt_read__ function in\n lib/rtapelib.c in the rmt client functionality in GNU\n tar before 1.23 and GNU cpio before 2.11 allows remote\n rmt servers to cause a denial of service (memory\n corruption) or possibly execute arbitrary code by\n sending more data than was requested, related to archive\n filenames that contain a : (colon) character.\n (CVE-2010-0624)\n\n - Directory traversal vulnerability in the\n safer_name_suffix function in GNU tar 1.14 through 1.29\n might allow remote attackers to bypass an intended\n protection mechanism and write to arbitrary files via\n vectors related to improper sanitization of the\n file_name parameter, aka POINTYFEATHER. (CVE-2016-6321)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0089\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL tar packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2007-4476\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-6321\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.06\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.06');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.06\": [\n \"tar-1.23-15.el6_8.cgslv4_6.0.1.gff7e116\",\n \"tar-debuginfo-1.23-15.el6_8.cgslv4_6.0.1.gff7e116\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tar\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-20T15:07:28", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has tar packages installed that are affected by multiple vulnerabilities:\n\n - Buffer overflow in tar 1.14 through 1.15.90 allows user- assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.\n (CVE-2006-0300)\n\n - GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216. (CVE-2006-6097)\n\n - Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.\n (CVE-2007-4131)\n\n - Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a crashing stack. (CVE-2007-4476)\n\n - Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.\n (CVE-2010-0624)\n\n - Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. (CVE-2016-6321)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.05 : tar Multiple Vulnerabilities (NS-SA-2019-0153)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2002-1216", "CVE-2006-0300", "CVE-2006-6097", "CVE-2007-4131", "CVE-2007-4476", "CVE-2010-0624", "CVE-2016-6321"], "modified": "2022-05-19T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0153_TAR.NASL", "href": "https://www.tenable.com/plugins/nessus/127428", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0153. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127428);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2006-0300\",\n \"CVE-2006-6097\",\n \"CVE-2007-4131\",\n \"CVE-2007-4476\",\n \"CVE-2010-0624\",\n \"CVE-2016-6321\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : tar Multiple Vulnerabilities (NS-SA-2019-0153)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has tar packages installed that are affected by multiple\nvulnerabilities:\n\n - Buffer overflow in tar 1.14 through 1.15.90 allows user-\n assisted attackers to cause a denial of service\n (application crash) and possibly execute code via\n unspecified vectors involving PAX extended headers.\n (CVE-2006-0300)\n\n - GNU tar 1.16 and 1.15.1, and possibly other versions,\n allows user-assisted attackers to overwrite arbitrary\n files via a tar file that contains a GNUTYPE_NAMES\n record with a symbolic link, which is not properly\n handled by the extract_archive function in extract.c and\n extract_mangle function in mangle.c, a variant of\n CVE-2002-1216. (CVE-2006-6097)\n\n - Directory traversal vulnerability in the\n contains_dot_dot function in src/names.c in GNU tar\n allows user-assisted remote attackers to overwrite\n arbitrary files via certain //.. (slash slash dot dot)\n sequences in directory symlinks in a TAR archive.\n (CVE-2007-4131)\n\n - Buffer overflow in the safer_name_suffix function in GNU\n tar has unspecified attack vectors and impact, resulting\n in a crashing stack. (CVE-2007-4476)\n\n - Heap-based buffer overflow in the rmt_read__ function in\n lib/rtapelib.c in the rmt client functionality in GNU\n tar before 1.23 and GNU cpio before 2.11 allows remote\n rmt servers to cause a denial of service (memory\n corruption) or possibly execute arbitrary code by\n sending more data than was requested, related to archive\n filenames that contain a : (colon) character.\n (CVE-2010-0624)\n\n - Directory traversal vulnerability in the\n safer_name_suffix function in GNU tar 1.14 through 1.29\n might allow remote attackers to bypass an intended\n protection mechanism and write to arbitrary files via\n vectors related to improper sanitization of the\n file_name parameter, aka POINTYFEATHER. (CVE-2016-6321)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0153\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL tar packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2007-4476\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-6321\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"tar-1.23-15.el6_8.cgslv4_6.0.1.gff7e116\",\n \"tar-debuginfo-1.23-15.el6_8.cgslv4_6.0.1.gff7e116\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tar\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T16:06:21", "description": "The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2007-004 applied.\n\nThis update fixes security flaws in the following applications :\n\nAFP Client AirPort CarbonCore diskdev_cmds fetchmail ftpd gnutar Help Viewer HID Family Installer Kerberos Libinfo Login Window network_cmds SMB System Configuration URLMount Video Conference WebDAV", "cvss3": {"score": null, "vector": null}, "published": "2007-04-21T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2007-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300", "CVE-2006-5867", "CVE-2006-6143", "CVE-2006-6652", "CVE-2007-0022", "CVE-2007-0465", "CVE-2007-0646", "CVE-2007-0724", "CVE-2007-0725", "CVE-2007-0729", "CVE-2007-0732", "CVE-2007-0734", "CVE-2007-0735", "CVE-2007-0736", "CVE-2007-0737", "CVE-2007-0738", "CVE-2007-0739", "CVE-2007-0741", "CVE-2007-0742", "CVE-2007-0743", "CVE-2007-0744", "CVE-2007-0746", "CVE-2007-0747", "CVE-2007-0957", "CVE-2007-1216"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2007-004.NASL", "href": "https://www.tenable.com/plugins/nessus/25081", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(25081);\n script_version (\"1.22\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n \n script_cve_id(\"CVE-2006-0300\", \"CVE-2006-5867\", \"CVE-2006-6143\", \"CVE-2006-6652\", \"CVE-2007-0022\",\n \"CVE-2007-0465\", \"CVE-2007-0646\", \"CVE-2007-0724\", \"CVE-2007-0725\", \"CVE-2007-0729\",\n \"CVE-2007-0732\", \"CVE-2007-0734\", \"CVE-2007-0735\", \"CVE-2007-0736\", \"CVE-2007-0737\",\n \"CVE-2007-0738\", \"CVE-2007-0739\", \"CVE-2007-0741\", \"CVE-2007-0742\", \"CVE-2007-0743\",\n \"CVE-2007-0744\", \"CVE-2007-0746\", \"CVE-2007-0747\", \"CVE-2007-0957\", \"CVE-2007-1216\");\n script_bugtraq_id(23569);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2007-004)\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes a security\nissue.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.4 that does not have\nSecurity Update 2007-004 applied.\n\nThis update fixes security flaws in the following applications :\n\nAFP Client\nAirPort\nCarbonCore\ndiskdev_cmds\nfetchmail\nftpd\ngnutar\nHelp Viewer\nHID Family\nInstaller\nKerberos\nLibinfo\nLogin Window\nnetwork_cmds\nSMB\nSystem Configuration\nURLMount\nVideo Conference\nWebDAV\" );\n # http://web.archive.org/web/20071213053008/http://docs.info.apple.com/article.html?artnum=305391\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf3b0926\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2007-004 :\n\n# http://web.archive.org/web/20070423190224/http://www.apple.com/support/downloads/securityupdate2007004universal.html\nhttp://www.nessus.org/u?f44d0fd9\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 134, 264);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/04/21\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/04/19\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_summary(english:\"Check for the presence of Security Update 2007-004\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\n#\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\n\n\nuname = get_kb_item(\"Host/uname\");\nif ( egrep(pattern:\"Darwin.* (7\\.[0-9]\\.|8\\.[0-9]\\.)\", string:uname) )\n{\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2007-00[4-9]|200[89]-|20[1-9][0-9]-)\", string:packages))\n security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:14:12", "description": "The remote host is running a version of Mac OS X 10.4 that is older than version 10.4.9 or a version of Mac OS X 10.3 that does not have Security Update 2007-003 applied. This update contains several security fixes for the following programs :\n\n - ColorSync\n - CoreGraphics\n - Crash Reporter\n - CUPS\n - Disk Images\n - DS Plugins\n - Flash Player\n - GNU Tar\n - HFS\n - HID Family\n - ImageIO\n - Kernel\n - MySQL server\n - Networking\n - OpenSSH\n - Printing\n - QuickDraw Manager\n - servermgrd\n - SMB File Server\n - Software Update\n - sudo \n - WebLog", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2007-03-13T00:00:00", "type": "nessus", "title": "Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4031", "CVE-2006-0300", "CVE-2006-1516", "CVE-2006-1517", "CVE-2006-2753", "CVE-2006-3081", "CVE-2006-0225", "CVE-2006-6097", "CVE-2006-4924", "CVE-2006-5051", "CVE-2006-5052", "CVE-2006-4226", "CVE-2007-0720", "CVE-2006-4227", "CVE-2006-3469", "CVE-2007-0726", "CVE-2006-1518", "CVE-2006-5330", "CVE-2006-5836", "CVE-2007-0318", "CVE-2007-0236", "CVE-2006-6173", "CVE-2006-6130", "CVE-2007-0719", "CVE-2007-0721", "CVE-2007-0722", "CVE-2007-0723", "CVE-2007-0724", "CVE-2007-0733", "CVE-2007-0728", "CVE-2007-0730", "CVE-2007-0731", "CVE-2005-2959", "CVE-2007-0467", "CVE-2006-6129", "CVE-2006-6062", "CVE-2007-0588", "CVE-2007-0463", "CVE-2006-4829", "CVE-2007-0229", "CVE-2006-6061", "CVE-2006-5679", "CVE-2007-0267", "CVE-2007-0299", "CVE-2007-1071"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "3947.PRM", "href": "https://www.tenable.com/plugins/nnm/3947", "sourceData": "Binary data 3947.prm", "cvss": {"score": 8.3, "vector": "CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T16:06:48", "description": "The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.9 or a version of Mac OS X 10.3 which does not have Security Update 2007-003 applied.\n\nThis update contains several security fixes for the following programs :\n\n - ColorSync\n - CoreGraphics\n - Crash Reporter\n - CUPS\n - Disk Images\n - DS Plugins\n - Flash Player\n - GNU Tar\n - HFS\n - HID Family\n - ImageIO\n - Kernel\n - MySQL server\n - Networking\n - OpenSSH\n - Printing\n - QuickDraw Manager\n - servermgrd\n - SMB File Server\n - Software Update\n - sudo \n - WebLog", "cvss3": {"score": null, "vector": null}, "published": "2007-03-13T00:00:00", "type": "nessus", "title": "Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0719", "CVE-2007-0467", "CVE-2007-0720", "CVE-2007-0721", "CVE-2007-0722", "CVE-2006-6061", "CVE-2006-6062", "CVE-2006-5679", "CVE-2007-0229", "CVE-2007-0267", "CVE-2007-0299", "CVE-2007-0723", "CVE-2006-5330", "CVE-2006-0300", "CVE-2006-6097", "CVE-2007-0318", "CVE-2007-0724", "CVE-2007-1071", "CVE-2007-0733", "CVE-2006-5836", "CVE-2006-6129", "CVE-2006-6173", "CVE-2006-1516", "CVE-2006-1517", "CVE-2006-2753", "CVE-2006-3081", "CVE-2006-4031", "CVE-2006-4226", "CVE-2006-3469", "CVE-2006-6130", "CVE-2007-0236", "CVE-2007-0726", "CVE-2006-0225", "CVE-2006-4924", "CVE-2006-5051", "CVE-2006-5052", "CVE-2007-0728", "CVE-2007-0588", "CVE-2007-0730", "CVE-2007-0731", "CVE-2007-0463", "CVE-2005-2959", "CVE-2006-4829"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_4_9.NASL", "href": "https://www.tenable.com/plugins/nessus/24811", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\nif ( NASL_LEVEL < 3004 ) exit(0);\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(24811);\n script_version (\"1.29\");\n\n script_cve_id(\"CVE-2007-0719\", \"CVE-2007-0467\", \"CVE-2007-0720\", \n \"CVE-2007-0721\", \"CVE-2007-0722\", \"CVE-2006-6061\", \n \"CVE-2006-6062\", \"CVE-2006-5679\", \"CVE-2007-0229\", \n \"CVE-2007-0267\", \"CVE-2007-0299\", \"CVE-2007-0723\", \n \"CVE-2006-5330\", \"CVE-2006-0300\", \"CVE-2006-6097\", \n \"CVE-2007-0318\", \"CVE-2007-0724\", \"CVE-2007-1071\", \n \"CVE-2007-0733\", \"CVE-2006-5836\", \"CVE-2006-6129\", \n \"CVE-2006-6173\", \"CVE-2006-1516\", \"CVE-2006-1517\", \n \"CVE-2006-2753\", \"CVE-2006-3081\", \"CVE-2006-4031\", \n \"CVE-2006-4226\", \"CVE-2006-3469\", \"CVE-2006-6130\", \n \"CVE-2007-0236\", \"CVE-2007-0726\", \"CVE-2006-0225\", \n \"CVE-2006-4924\", \"CVE-2006-5051\", \"CVE-2006-5052\", \n \"CVE-2007-0728\", \"CVE-2007-0588\", \"CVE-2007-0730\", \n \"CVE-2007-0731\", \"CVE-2007-0463\", \"CVE-2005-2959\", \n \"CVE-2006-4829\");\n script_bugtraq_id(20982, 21236, 21291, 21349, 22041, 22948);\n\n script_name(english:\"Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update which fixes a security\nissue.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.4 which is older than\nversion 10.4.9 or a version of Mac OS X 10.3 which does not have \nSecurity Update 2007-003 applied.\n\nThis update contains several security fixes for the following programs :\n\n - ColorSync\n - CoreGraphics\n - Crash Reporter\n - CUPS\n - Disk Images\n - DS Plugins\n - Flash Player\n - GNU Tar\n - HFS\n - HID Family\n - ImageIO\n - Kernel\n - MySQL server\n - Networking\n - OpenSSH\n - Printing\n - QuickDraw Manager\n - servermgrd\n - SMB File Server\n - Software Update\n - sudo \n - WebLog\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://docs.info.apple.com/article.html?artnum=305214\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Mac OS X 10.4 : Upgrade to Mac OS X 10.4.9 :\n\nhttp://www.apple.com/support/downloads/macosxserver1049updateppc.html\nhttp://www.apple.com/support/downloads/macosx1049updateintel.html\nhttp://www.apple.com/support/downloads/macosxserver1049updateuniversal.html\n\nMac OS X 10.3 : Apply Security Update 2007-003 :\n\nhttp://www.apple.com/support/downloads/securityupdate20070031039client.html\nhttp://www.apple.com/support/downloads/securityupdate20070031039server.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/03/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/03/13\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"combined\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\nscript_end_attributes();\n\n script_summary(english:\"Check for the version of Mac OS X\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif ( ! os ) {\n\t os = get_kb_item(\"Host/OS\");\n\t confidence = get_kb_item(\"Host/OS/Confidence\");\n\t if ( confidence <= 90 ) exit(0);\n\t}\nif ( ! os ) exit(0);\nif ( ereg(pattern:\"Mac OS X 10\\.4($|\\.[1-8]([^0-9]|$))\", string:os)) security_hole(0);\nelse if ( ereg(pattern:\"Mac OS X 10\\.3\\.\", string:os) )\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if ( ! packages ) exit(0);\n if (!egrep(pattern:\"^SecUpd(Srvr)?2007-003\", string:packages)) security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nGNU tar is vulnerable to a buffer overflow, caused by\n\t improper bounds checking of the PAX extended headers. By\n\t tricking an user into processing a specially crafted tar\n\t archive, this could be exploited to execute arbitrary\n\t code with the privileges of the user.\n\n", "cvss3": {}, "published": "2006-02-22T00:00:00", "type": "freebsd", "title": "gtar -- invalid headers buffer overflow", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-02-22T00:00:00", "id": "6107EFB9-AAE3-11DA-AEA1-000854D03344", "href": "https://vuxml.freebsd.org/freebsd/6107efb9-aae3-11da-aea1-000854d03344.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:16", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDKSA-2006:046\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : tar\r\n Date : February 21, 2006\r\n Affected: 10.1, 10.2, 2006.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n Gnu tar versions 1.14 and above have a buffer overflow vulnerability\r\n and some other issues including:\r\n \r\n - Carefully crafted invalid headers can cause buffer overrun.\r\n - Invalid header fields go undiagnosed.\r\n - Some valid time strings are ignored.\r\n \r\n The updated packages have been patched to address this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 10.1:\r\n 8bd49b5e60e1736e771e3907789e37bb 10.1/RPMS/tar-1.14-1.1.101mdk.i586.rpm\r\n 57dc0115bfe997451de8d05375785395 10.1/SRPMS/tar-1.14-1.1.101mdk.src.rpm\r\n\r\n Mandriva Linux 10.1/X86_64:\r\n c4ad8f0250fef5da4ba2f9097c6190e2 x86_64/10.1/RPMS/tar-1.14-1.1.101mdk.x86_64.rpm\r\n 57dc0115bfe997451de8d05375785395 x86_64/10.1/SRPMS/tar-1.14-1.1.101mdk.src.rpm\r\n\r\n Mandriva Linux 10.2:\r\n 91ad7217d416f4d07536a08c6762fd8d 10.2/RPMS/tar-1.15.1-2.1.102mdk.i586.rpm\r\n efd8210667f158419143b243c1ee01d7 10.2/SRPMS/tar-1.15.1-2.1.102mdk.src.rpm\r\n\r\n Mandriva Linux 10.2/X86_64:\r\n edc3e1b3eec8c5f52aa29c6f7351f563 x86_64/10.2/RPMS/tar-1.15.1-2.1.102mdk.x86_64.rpm\r\n efd8210667f158419143b243c1ee01d7 x86_64/10.2/SRPMS/tar-1.15.1-2.1.102mdk.src.rpm\r\n\r\n Mandriva Linux 2006.0:\r\n 5300c6bc1aa290f2a8efffff2b3e8b27 2006.0/RPMS/tar-1.15.1-5.1.20060mdk.i586.rpm\r\n 275c24b2288e5b9c57d5a1bdef4798ad 2006.0/SRPMS/tar-1.15.1-5.1.20060mdk.src.rpm\r\n\r\n Mandriva Linux 2006.0/X86_64:\r\n 2c7378971d6b87fad153b8667e800b00 x86_64/2006.0/RPMS/tar-1.15.1-5.1.20060mdk.x86_64.rpm\r\n 275c24b2288e5b9c57d5a1bdef4798ad x86_64/2006.0/SRPMS/tar-1.15.1-5.1.20060mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.4 (GNU/Linux)\r\n\r\niD8DBQFD+5sZmqjQ0CJFipgRAg/qAJ9e8t86QPJZ1tOOqhbJ3ED0Q7Q7MACfRqNH\r\nWeJC8+PLyJG2psgFmTYak7A=\r\n=Zc9A\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "edition": 1, "cvss3": {}, "published": "2006-02-22T00:00:00", "title": "[Full-disclosure] [ MDKSA-2006:046 ] - Updated tar packages fix vulnerability", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2006-02-22T00:00:00", "id": "SECURITYVULNS:DOC:11548", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11548", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntucve": [{"lastseen": "2021-11-22T22:03:39", "description": "Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers\nto cause a denial of service (application crash) and possibly execute code\nvia unspecified vectors involving PAX extended headers.", "cvss3": {}, "published": "2006-02-24T00:00:00", "type": "ubuntucve", "title": "CVE-2006-0300", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-02-24T00:00:00", "id": "UB:CVE-2006-0300", "href": "https://ubuntu.com/security/CVE-2006-0300", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-02T21:13:45", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 118192-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855115", "href": "http://plugins.openvas.org/nasl.php?oid=855115", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 118192-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855115);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118192-03\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 118192-03\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118192-03-1\");\n\n script_summary(\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"118192-03\", package:\"SUNWgtar\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:38:22", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 118192-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855115", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855115", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 118192-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855115\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118192-03\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 118192-03\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118192-03-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"118192-03\", package:\"SUNWgtar\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:40", "description": "Check for the Version of gtar source", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar source 118193-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855348", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855348", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar source 118193-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar source on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar source\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855348\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118193-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar source 118193-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118193-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gtar source\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"118193-02\", package:\"SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:21", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Ports: gtar", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2016-09-20T00:00:00", "id": "OPENVAS:56350", "href": "http://plugins.openvas.org/nasl.php?oid=56350", "sourceData": "#\n#VID 6107efb9-aae3-11da-aea1-000854d03344\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: gtar\n\nCVE-2006-0300\nBuffer overflow in tar 1.14 through 1.15.90 allows user-complicit\nattackers to cause a denial of service (application crash) and\npossibly execute code via unspecified vectors involving PAX extended\nheaders.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\nif(description)\n{\n script_id(56350);\n script_version(\"$Revision: 4118 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-20 07:32:38 +0200 (Tue, 20 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-0300\");\n script_bugtraq_id(16764);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: gtar\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gtar\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.15.1_2\")<0) {\n txt += 'Package gtar version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:05", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 139099-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855295", "href": "http://plugins.openvas.org/nasl.php?oid=855295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 139099-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855295);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"139099-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 139099-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-139099-02-1\");\n\n script_summary(\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-02\", package:\"SUNWgtar SUNWsfman SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:08", "description": "Check for the Version of gtar source", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar source 118193-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855348", "href": "http://plugins.openvas.org/nasl.php?oid=855348", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar source 118193-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar source on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar source\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855348);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118193-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar source 118193-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118193-02-1\");\n\n script_summary(\"Check for the Version of gtar source\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"118193-02\", package:\"SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:50", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 139100-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855413", "href": "http://plugins.openvas.org/nasl.php?oid=855413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 139100-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855413);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"139100-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 139100-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-139100-02-1\");\n\n script_summary(\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"139100-02\", package:\"SUNWgtar SUNWsfman SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:38:44", "description": "Check for the Version of gtar source", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar source 118194-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar source 118194-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar source on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar source\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855178\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118194-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar source 118194-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118194-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gtar source\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"118194-02\", package:\"SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:38:55", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 139100-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855413", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855413", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 139100-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855413\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"139100-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 139100-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-139100-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"139100-02\", package:\"SUNWgtar SUNWsfman SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:49", "description": "Check for the Version of gtar source", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar source 118194-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855178", "href": "http://plugins.openvas.org/nasl.php?oid=855178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar source 118194-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar source on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar source\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855178);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118194-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar source 118194-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118194-02-1\");\n\n script_summary(\"Check for the Version of gtar source\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"118194-02\", package:\"SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:22", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 139099-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 139099-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855295\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"139099-02\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 139099-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-139099-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"139099-02\", package:\"SUNWgtar SUNWsfman SUNWgtarS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:06", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 118191-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855433", "href": "http://plugins.openvas.org/nasl.php?oid=855433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 118191-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855433);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118191-03\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 118191-03\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118191-03-1\");\n\n script_summary(\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"118191-03\", package:\"SUNWgtar\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:23", "description": "The remote host is missing updates announced in\nadvisory GLSA 200603-06.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200603-06 (tar)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:56414", "href": "http://plugins.openvas.org/nasl.php?oid=56414", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A malicious tar archive could trigger a Buffer overflow in GNU tar,\npotentially resulting in the execution of arbitrary code.\";\ntag_solution = \"All GNU tar users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-arch/tar-1.15.1-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200603-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=123038\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200603-06.\";\n\n \n\nif(description)\n{\n script_id(56414);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(16764);\n script_cve_id(\"CVE-2006-0300\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200603-06 (tar)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-arch/tar\", unaffected: make_list(\"ge 1.15.1-r1\"), vulnerable: make_list(\"lt 1.15.1-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:52", "description": "The remote host is missing an update to tar\nannounced via advisory DSA 987-1.\n\nJim Meyering discovered several buffer overflows in GNU tar, which may\nlead to the execution of arbitrary code through specially crafted tar\narchives.\n\nThe old stable distribution (woody) is not affected by this problem.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 987-1 (tar)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:56393", "href": "http://plugins.openvas.org/nasl.php?oid=56393", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_987_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 987-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 1.14-2.1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.15.1-3.\n\nWe recommend that you upgrade your tar package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20987-1\";\ntag_summary = \"The remote host is missing an update to tar\nannounced via advisory DSA 987-1.\n\nJim Meyering discovered several buffer overflows in GNU tar, which may\nlead to the execution of arbitrary code through specially crafted tar\narchives.\n\nThe old stable distribution (woody) is not affected by this problem.\";\n\n\nif(description)\n{\n script_id(56393);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(16764);\n script_cve_id(\"CVE-2006-0300\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 987-1 (tar)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"tar\", ver:\"1.14-2.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:26", "description": "Check for the Version of gtar", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for gtar 118191-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0300"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for gtar 118191-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"gtar on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n gtar\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855433\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:28:12 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUNSolve\", value: \"118191-03\");\n script_cve_id(\"CVE-2006-0300\");\n script_name( \"Solaris Update for gtar 118191-03\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-118191-03-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of gtar\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"118191-03\", package:\"SUNWgtar\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T12:43:33", "description": "The GNU tar program provides the ability to create and extract TAR archives along with various other kinds of manipulations. The program was initially designed to store files on magnetic tape, but has since then become a widely used archiving utility. A buffer overflow vulnerability exists in the GNU Tar archive utility. The flaw is specific to processing PAX archives which contain extended headers. An attacker may leverage this vulnerability to cause a vulnerable version of the affected program to terminate by enticing a user to download and process a malicious archive file. Upon processing of a malicious archive, the affected Tar utility will terminate. Error messages may be generated on the process termination. The system as a whole is not affected as a result of such an attack.", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "checkpoint_advisories", "title": "GNU Tar PAX Extended Headers Handling Buffer Overflow (CVE-2006-0300)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2009-10-11T00:00:00", "id": "CPAI-2006-161", "href": "", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-01-04T13:33:52", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 987-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 7th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : tar\nVulnerability : buffer overflow\nProblem-Type : local(remote)\nDebian-specific: no\nCVE ID : CVE-2006-0300\nDebian Bug : 314805\n\nJim Meyering discovered several buffer overflows in GNU tar, which may\nlead to the execution of arbitrary code through specially crafted tar\narchives.\n\nThe old stable distribution (woody) is not affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.14-2.1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.15.1-3.\n\nWe recommend that you upgrade your tar package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1.dsc\n Size/MD5 checksum: 554 3042cf964a78dcdf6e2b6d249f526ba3\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1.diff.gz\n Size/MD5 checksum: 21956 5c2a4d59a787257f6193a13cfecef91d\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14.orig.tar.gz\n Size/MD5 checksum: 1485633 3094544702b1affa32d969f0b6459663\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_alpha.deb\n Size/MD5 checksum: 520038 d4b36a6ce0e06c97111d4187ade09962\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_amd64.deb\n Size/MD5 checksum: 503250 64898d22642566fac2a70318262fc3c5\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_arm.deb\n Size/MD5 checksum: 499498 5b6a94b5e9b66062d99f144655671847\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_i386.deb\n Size/MD5 checksum: 499300 fed1f5e8443e4553e3408588c0f5fedd\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_ia64.deb\n Size/MD5 checksum: 542832 1165d04108e7a955f625d0fbe0124af0\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_hppa.deb\n Size/MD5 checksum: 517190 f4ac26e95c28b167ba444c28394632b3\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_m68k.deb\n Size/MD5 checksum: 488360 cd50831cac6eb2567c37bc8575cee797\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_mips.deb\n Size/MD5 checksum: 519882 a3956e10ed7ef0e4aecfba04d6a84538\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_mipsel.deb\n Size/MD5 checksum: 519624 c8bbe871ba1d3302653fc0d8a4f93da1\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_powerpc.deb\n Size/MD5 checksum: 506190 5b0ecfa06241e0d482fa2e68a378df88\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_s390.deb\n Size/MD5 checksum: 511234 0397890904020953a5d5ca49e2a51f1b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_sparc.deb\n Size/MD5 checksum: 499150 554e29b775d1c5400e3514d5a46412ee\n\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2006-03-07T14:19:58", "type": "debian", "title": "[SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-03-07T14:19:58", "id": "DEBIAN:DSA-987-1:F1041", "href": "https://lists.debian.org/debian-security-announce/2006/msg00065.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T03:27:28", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 987-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 7th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : tar\nVulnerability : buffer overflow\nProblem-Type : local(remote)\nDebian-specific: no\nCVE ID : CVE-2006-0300\nDebian Bug : 314805\n\nJim Meyering discovered several buffer overflows in GNU tar, which may\nlead to the execution of arbitrary code through specially crafted tar\narchives.\n\nThe old stable distribution (woody) is not affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.14-2.1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.15.1-3.\n\nWe recommend that you upgrade your tar package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1.dsc\n Size/MD5 checksum: 554 3042cf964a78dcdf6e2b6d249f526ba3\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1.diff.gz\n Size/MD5 checksum: 21956 5c2a4d59a787257f6193a13cfecef91d\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14.orig.tar.gz\n Size/MD5 checksum: 1485633 3094544702b1affa32d969f0b6459663\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_alpha.deb\n Size/MD5 checksum: 520038 d4b36a6ce0e06c97111d4187ade09962\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_amd64.deb\n Size/MD5 checksum: 503250 64898d22642566fac2a70318262fc3c5\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_arm.deb\n Size/MD5 checksum: 499498 5b6a94b5e9b66062d99f144655671847\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_i386.deb\n Size/MD5 checksum: 499300 fed1f5e8443e4553e3408588c0f5fedd\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_ia64.deb\n Size/MD5 checksum: 542832 1165d04108e7a955f625d0fbe0124af0\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_hppa.deb\n Size/MD5 checksum: 517190 f4ac26e95c28b167ba444c28394632b3\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_m68k.deb\n Size/MD5 checksum: 488360 cd50831cac6eb2567c37bc8575cee797\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_mips.deb\n Size/MD5 checksum: 519882 a3956e10ed7ef0e4aecfba04d6a84538\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_mipsel.deb\n Size/MD5 checksum: 519624 c8bbe871ba1d3302653fc0d8a4f93da1\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_powerpc.deb\n Size/MD5 checksum: 506190 5b0ecfa06241e0d482fa2e68a378df88\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_s390.deb\n Size/MD5 checksum: 511234 0397890904020953a5d5ca49e2a51f1b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.1_sparc.deb\n Size/MD5 checksum: 499150 554e29b775d1c5400e3514d5a46412ee\n\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2006-03-07T14:19:58", "type": "debian", "title": "[SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-03-07T14:19:58", "id": "DEBIAN:DSA-987-1:0FC63", "href": "https://lists.debian.org/debian-security-announce/2006/msg00065.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T14:03:37", "description": "Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.", "cvss3": {}, "published": "2006-02-24T00:02:00", "type": "cve", "title": "CVE-2006-0300", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2018-10-19T15:44:00", "cpe": ["cpe:/a:gnu:tar:1.15", "cpe:/a:gnu:tar:1.14", "cpe:/a:gnu:tar:1.14.1", "cpe:/a:gnu:tar:1.15.1", "cpe:/a:gnu:tar:1.15.90"], "id": "CVE-2006-0300", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0300", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gnu:tar:1.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:tar:1.15.90:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:tar:1.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:tar:1.15:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2022-01-17T19:18:02", "description": "### Background\n\nGNU tar is the standard GNU utility for creating and manipulating tar archives, a common format used for creating backups and distributing files on UNIX-like systems. \n\n### Description\n\nJim Meyering discovered a flaw in the handling of certain header fields that could result in a buffer overflow when extracting or listing the contents of an archive. \n\n### Impact\n\nA remote attacker could construct a malicious tar archive that could potentially execute arbitrary code with the privileges of the user running GNU tar. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll GNU tar users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/tar-1.15.1-r1\"", "cvss3": {}, "published": "2006-03-10T00:00:00", "type": "gentoo", "title": "GNU tar: Buffer overflow", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-03-10T00:00:00", "id": "GLSA-200603-06", "href": "https://security.gentoo.org/glsa/200603-06", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T15:59:52", "description": "**CentOS Errata and Security Advisory** CESA-2006:0232\n\n\nThe GNU tar program saves many files together in one archive and can\r\nrestore individual files (or all of the files) from that archive.\r\n\r\nJim Meyering discovered a buffer overflow bug in the way GNU tar extracts\r\nmalformed archives. By tricking a user into extracting a malicious tar\r\narchive, it is possible to execute arbitrary code as the user running tar.\r\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) assigned\r\nthe name CVE-2006-0300 to this issue.\r\n\r\nUsers of tar should upgrade to this updated package, which contains a\r\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2006-March/049609.html\nhttps://lists.centos.org/pipermail/centos-announce/2006-March/049610.html\nhttps://lists.centos.org/pipermail/centos-announce/2006-March/049611.html\nhttps://lists.centos.org/pipermail/centos-announce/2006-March/049612.html\nhttps://lists.centos.org/pipermail/centos-announce/2006-March/049613.html\n\n**Affected packages:**\ntar\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2006:0232", "cvss3": {}, "published": "2006-03-01T16:42:53", "type": "centos", "title": "tar security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-03-02T00:14:12", "id": "CESA-2006:0232", "href": "https://lists.centos.org/pipermail/centos-announce/2006-March/049609.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T13:36:06", "description": "Jim Meyering discovered that tar did not properly verify the validity \nof certain header fields in a GNU tar archive. By tricking an user \ninto processing a specially crafted tar archive, this could be \nexploited to execute arbitrary code with the privileges of the user.\n\nThe tar version in Ubuntu 4.10 is not affected by this vulnerability.\n", "cvss3": {}, "published": "2006-02-23T00:00:00", "type": "ubuntu", "title": "tar vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-02-23T00:00:00", "id": "USN-257-1", "href": "https://ubuntu.com/security/notices/USN-257-1", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-05-26T00:00:57", "description": "Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.", "cvss3": {}, "published": "2006-02-24T00:02:00", "type": "debiancve", "title": "CVE-2006-0300", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0300"], "modified": "2006-02-24T00:02:00", "id": "DEBIANCVE:CVE-2006-0300", "href": "https://security-tracker.debian.org/tracker/CVE-2006-0300", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}]}
