10 matches found
SUSE CVE-2005-2541
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues
Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2025-0395...
Linux Distros Unpatched Vulnerability : CVE-2005-2541
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tar does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. CVE-2005-2541 No...
RHEL 9 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tar: Incorrectly handled extension attributes in PAX archives can lead to a crash CVE-2023-39804 Note that Nessus h...
RHEL 8 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: null-pointer dereference in paxdecodeheader in sparse.c CVE-2019-9923 - In GNU tar before 1.35,...
RHEL 6 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in paxdecodeheader in...
RHEL 7 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in paxdecodeheader in...
CVE-2005-2541
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges...
CVE-2005-2541
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges...
CVE-2005-2541
CVE-2005-2541 concerns Tar 1.15.1, which does not properly warn when extracting files with setuid or setgid permissions. The bulletin states this may let local users or remote attackers gain privileges. The issue is described with the affected component and the impact (privilege escalation), but ...