(RHSA-2006:0232) tar security update

{"result": {"cve": [{"id": "CVE-2006-0300", "type": "cve", "title": "CVE-2006-0300", "description": "Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.", "published": "2006-02-23T19:02:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0300", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-03T06:23:19"}], "nessus": [{"id": "SOLARIS10_X86_139100.NASL", "type": "nessus", "title": "Solaris 10 (x86) : 139100-04", "description": "SunOS 5.10_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "published": "2008-09-08T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=34107", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:26:14"}, {"id": "UBUNTU_USN-257-1.NASL", "type": "nessus", "title": "Ubuntu 5.04 / 5.10 : tar vulnerability (USN-257-1)", "description": "Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.\n\nThe tar version in Ubuntu 4.10 is not affected by this vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2006-03-13T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21065", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:23:06"}, {"id": "MANDRAKE_MDKSA-2006-046.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : tar (MDKSA-2006:046)", "description": "Gnu tar versions 1.14 and above have a buffer overflow vulnerability and some other issues including :\n\n - Carefully crafted invalid headers can cause buffer overrun.\n\n - Invalid header fields go undiagnosed.\n\n - Some valid time strings are ignored.\n\nThe updated packages have been patched to address this issue.", "published": "2006-02-22T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=20964", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:23:06"}, {"id": "CENTOS_RHSA-2006-0232.NASL", "type": "nessus", "title": "CentOS 4 : tar (CESA-2006:0232)", "description": "An updated tar package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having Moderate security impact by the Red Hat Security Response Team.\n\nThe GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive.\n\nJim Meyering discovered a buffer overflow bug in the way GNU tar extracts malformed archives. By tricking a user into extracting a malicious tar archive, it is possible to execute arbitrary code as the user running tar. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2006-0300 to this issue.\n\nUsers of tar should upgrade to this updated package, which contains a backported patch to correct this issue.", "published": "2006-07-05T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21988", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:24:26"}, {"id": "SOLARIS9_X86_118192.NASL", "type": "nessus", "title": "Solaris 9 (x86) : 118192-05", "description": "SunOS 5.9_x86: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "published": "2008-12-02T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=35001", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:26:20"}, {"id": "SOLARIS10_139099.NASL", "type": "nessus", "title": "Solaris 10 (sparc) : 139099-04", "description": "SunOS 5.10: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "published": "2008-09-08T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=34106", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:26:01"}, {"id": "FREEBSD_PKG_6107EFB9AAE311DAAEA1000854D03344.NASL", "type": "nessus", "title": "FreeBSD : gtar -- invalid headers buffer overflow (6107efb9-aae3-11da-aea1-000854d03344)", "description": "GNU tar is vulnerable to a buffer overflow, caused by improper bounds checking of the PAX extended headers. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.", "published": "2006-05-13T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21437", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:23:11"}, {"id": "GENTOO_GLSA-200603-06.NASL", "type": "nessus", "title": "GLSA-200603-06 : GNU tar: Buffer overflow", "description": "The remote host is affected by the vulnerability described in GLSA-200603-06 (GNU tar: Buffer overflow)\n\n Jim Meyering discovered a flaw in the handling of certain header fields that could result in a buffer overflow when extracting or listing the contents of an archive.\n Impact :\n\n A remote attacker could construct a malicious tar archive that could potentially execute arbitrary code with the privileges of the user running GNU tar.\n Workaround :\n\n There is no known workaround at this time.", "published": "2006-03-13T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21044", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:26:24"}, {"id": "DEBIAN_DSA-987.NASL", "type": "nessus", "title": "Debian DSA-987-1 : tar - buffer overflow", "description": "Jim Meyering discovered several buffer overflows in GNU tar, which may lead to the execution of arbitrary code through specially crafted tar archives.", "published": "2006-10-14T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22853", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:26:13"}, {"id": "SOLARIS9_118191.NASL", "type": "nessus", "title": "Solaris 9 (sparc) : 118191-05", "description": "SunOS 5.9: gtar patch.\nDate this patch was last updated by Sun : Apr/19/10", "published": "2008-12-02T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=34997", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:26:29"}], "openvas": [{"id": "OPENVAS:855348", "type": "openvas", "title": "Solaris Update for gtar source 118193-02", "description": "Check for the Version of gtar source", "published": "2009-06-03T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=855348", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-03-13T13:13:54"}, {"id": "OPENVAS:855295", "type": "openvas", "title": "Solaris Update for gtar 139099-02", "description": "Check for the Version of gtar", "published": "2009-06-03T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=855295", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-03-13T13:13:47"}, {"id": "OPENVAS:56393", "type": "openvas", "title": "Debian Security Advisory DSA 987-1 (tar)", "description": "The remote host is missing an update to tar\nannounced via advisory DSA 987-1.\n\nJim Meyering discovered several buffer overflows in GNU tar, which may\nlead to the execution of arbitrary code through specially crafted tar\narchives.\n\nThe old stable distribution (woody) is not affected by this problem.", "published": "2008-01-17T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56393", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T20:41:33"}, {"id": "OPENVAS:855413", "type": "openvas", "title": "Solaris Update for gtar 139100-02", "description": "Check for the Version of gtar", "published": "2009-06-03T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=855413", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-03-13T13:13:53"}, {"id": "OPENVAS:855178", "type": "openvas", "title": "Solaris Update for gtar source 118194-02", "description": "Check for the Version of gtar source", "published": "2009-06-03T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=855178", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-03-13T13:13:49"}, {"id": "OPENVAS:855115", "type": "openvas", "title": "Solaris Update for gtar 118192-03", "description": "Check for the Version of gtar", "published": "2009-06-03T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=855115", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-03-13T13:14:01"}, {"id": "OPENVAS:56350", "type": "openvas", "title": "FreeBSD Ports: gtar", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56350", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T20:41:41"}, {"id": "OPENVAS:855433", "type": "openvas", "title": "Solaris Update for gtar 118191-03", "description": "Check for the Version of gtar", "published": "2009-06-03T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=855433", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-03-13T13:13:51"}, {"id": "OPENVAS:56414", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200603-06 (tar)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200603-06.", "published": "2008-09-24T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56414", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-10-24T08:54:13"}], "ubuntu": [{"id": "USN-257-1", "type": "ubuntu", "title": "tar vulnerability", "description": "Jim Meyering discovered that tar did not properly verify the validity \nof certain header fields in a GNU tar archive. By tricking an user \ninto processing a specially crafted tar archive, this could be \nexploited to execute arbitrary code with the privileges of the user.\n\nThe tar version in Ubuntu 4.10 is not affected by this vulnerability.", "published": "2006-02-23T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.ubuntu.com/usn/usn-257-1", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-05-01T08:28:58"}], "centos": [{"id": "CESA-2006:0232", "type": "centos", "title": "tar security update", "description": "**CentOS Errata and Security Advisory** CESA-2006:0232\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/012690.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/012691.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/012692.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/012693.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-March/012694.html\n\n**Affected packages:**\ntar\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0232.html", "published": "2006-03-01T16:42:53", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2006-March/012690.html", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-12-05T20:04:11"}], "osvdb": [{"id": "OSVDB:23371", "type": "osvdb", "title": "GNU tar PAX Extended Headers Handling Overflow", "description": "## Vulnerability Description\nA remote overflow exists in GNU Tar. GNU Tar fails to properly handle PAX extended headers resulting in a buffer overflow. With a specially crafted .tar archive, an attacker can cause arbitrary command execution when the victim lists the tar contents or extracts the archive.\n## Solution Description\nUpgrade to version 1.15.90 (alpha) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in GNU Tar. GNU Tar fails to properly handle PAX extended headers resulting in a buffer overflow. With a specially crafted .tar archive, an attacker can cause arbitrary command execution when the victim lists the tar contents or extracts the archive.\n## References:\n[Vendor Specific Advisory URL](http://www.trustix.org/errata/2006/0010/)\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2006-095.htm)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-987)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml)\n[Vendor Specific Advisory URL](http://docs.info.apple.com/article.html?artnum=305391)\n[Vendor Specific Advisory URL](http://docs.info.apple.com/article.html?artnum=305445)\n[Vendor Specific Advisory URL](http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-257-1)\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2006_05_sr.html)\nSecurity Tracker: 1015705\n[Secunia Advisory ID:19016](https://secuniaresearch.flexerasoftware.com/advisories/19016/)\n[Secunia Advisory ID:19093](https://secuniaresearch.flexerasoftware.com/advisories/19093/)\n[Secunia Advisory ID:19130](https://secuniaresearch.flexerasoftware.com/advisories/19130/)\n[Secunia Advisory ID:24966](https://secuniaresearch.flexerasoftware.com/advisories/24966/)\n[Secunia Advisory ID:18988](https://secuniaresearch.flexerasoftware.com/advisories/18988/)\n[Secunia Advisory ID:19236](https://secuniaresearch.flexerasoftware.com/advisories/19236/)\n[Secunia Advisory ID:18973](https://secuniaresearch.flexerasoftware.com/advisories/18973/)\n[Secunia Advisory ID:18976](https://secuniaresearch.flexerasoftware.com/advisories/18976/)\n[Secunia Advisory ID:20042](https://secuniaresearch.flexerasoftware.com/advisories/20042/)\n[Secunia Advisory ID:18999](https://secuniaresearch.flexerasoftware.com/advisories/18999/)\n[Secunia Advisory ID:19152](https://secuniaresearch.flexerasoftware.com/advisories/19152/)\nRedHat RHSA: RHSA-2006:0232\nMail List Post: http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html\nMail List Post: http://lists.gnu.org/archive/html/bug-tar/2005-06/msg00029.html\n[CVE-2006-0300](https://vulners.com/cve/CVE-2006-0300)\n", "published": "2006-02-22T06:05:34", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:23371", "cvelist": ["CVE-2006-0300"], "lastseen": "2017-04-28T13:20:20"}], "gentoo": [{"id": "GLSA-200603-06", "type": "gentoo", "title": "GNU tar: Buffer overflow", "description": "### Background\n\nGNU tar is the standard GNU utility for creating and manipulating tar archives, a common format used for creating backups and distributing files on UNIX-like systems. \n\n### Description\n\nJim Meyering discovered a flaw in the handling of certain header fields that could result in a buffer overflow when extracting or listing the contents of an archive. \n\n### Impact\n\nA remote attacker could construct a malicious tar archive that could potentially execute arbitrary code with the privileges of the user running GNU tar. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll GNU tar users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/tar-1.15.1-r1\"", "published": "2006-03-10T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200603-06", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-06T19:46:36"}], "freebsd": [{"id": "6107EFB9-AAE3-11DA-AEA1-000854D03344", "type": "freebsd", "title": "gtar -- invalid headers buffer overflow", "description": "\nGNU tar is vulnerable to a buffer overflow, caused by\n\t improper bounds checking of the PAX extended headers. By\n\t tricking an user into processing a specially crafted tar\n\t archive, this could be exploited to execute arbitrary\n\t code with the privileges of the user.\n", "published": "2006-02-22T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/6107efb9-aae3-11da-aea1-000854d03344.html", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-26T17:25:09"}], "debian": [{"id": "DSA-987", "type": "debian", "title": "tar -- buffer overflow", "description": "Jim Meyering discovered several buffer overflows in GNU tar, which may lead to the execution of arbitrary code through specially crafted tar archives.\n\nThe old stable distribution (woody) is not affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in version 1.14-2.1.\n\nFor the unstable distribution (sid) this problem has been fixed in version 1.15.1-3.\n\nWe recommend that you upgrade your tar package.", "published": "2006-03-07T00:00:00", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-987", "cvelist": ["CVE-2006-0300"], "lastseen": "2016-09-02T18:26:41"}]}}