RHCOS 3 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1853)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1853 advisory. - libarchive: Archive Entry with type 1 hardlink, but has a non-zero data size file overwrite CVE-2016-5418 Note that Nessus has not tested f...

Debian: Security Advisory (DLA-657-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2016-1045)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 1.0: Binutils / Libarchive / Ntp PHSA-2017-0010 (deprecated)

An update of binutils,ntp,libarchive packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0010. The text itself is copyright C VMwar...

USN-3225-1: libarchive vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. CVE-2016-5418 Christian...

Ubuntu 14.04 LTS / 16.04 LTS : libarchive vulnerabilities (USN-3225-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3225-1 advisory. It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this...

Ubuntu: Security Advisory (USN-3225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3225-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. CVE-2016-5418 Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi discovered that libarchive incorrectly handled...

F5 BIG-IP - libarchive vulnerability CVE-2016-5418

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a...

F5 Networks BIG-IP : libarchive vulnerability (K35246595)

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. CVE-2016-5418 C Tenable Network Security, Inc. The descriptive text and package checks in this...

SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2016:2911-1)

This update for libarchive fixes several issues. These security issues were fixed : - CVE-2016-8687: Buffer overflow when printing a filename bsc1005070. - CVE-2016-8689: Heap overflow when reading corrupted 7Zip files bsc1005072. - CVE-2016-8688: Use after free because of incorrect calculation i...

Amazon Linux: Security Advisory (ALAS-2016-743)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 657-1] libarchive security update

Package : libarchive Version : 3.0.4-3+wheezy4 CVE ID : CVE-2016-5418 Debian Bug : 837714 It was found that libarchive mishandled hardlink archive entries of non-zero data size, possibly allowing remote attackers to to write to arbitrary files via especially crafted archives. For Debian 7 "Wheezy...

Debian DSA-3677-1 : libarchive - security update

Several vulnerabilities were discovered in libarchive, a multi-format archive and compression library, which may lead to denial of service memory consumption and application crash, bypass of sandboxing restrictions and overwrite arbitrary files with arbitrary data from an archive, or the executio...

Updated libarchive packages fix security vulnerability

The updated packages fix several security vulnerabilities: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with...

CVE-2016-5418

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file...

CVE-2016-5418

CVE-2016-5418 affects libarchive up to and including version 3.2.0, where sandboxing of archives with hardlinks mishandles entries of non-zero data size. This can allow a remote attacker to write to arbitrary files via a crafted archive, as described in multiple advisories. Public reports referen...

CentOS Update for libarchive CESA-2016:1850 centos6

Check the version of libarchive SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882557";...

CentOS 7 : libarchive (CESA-2016:1844)

An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise 3.2 security update and bug fix update

An update for atomic-openshift and heapster is now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...