21 matches found
MiracleLinux 4 : libtar-1.2.11-17.AXS4.1 (AXSA:2014-078:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-078:01 advisory. libtar is a C library for manipulating tar archives. It supports both the strict POSIX tar format and many of the commonly-used GNU extensions. Security issue...
K16015326: libtar vulnerability CVE-2013-4397
Security Advisory Description: Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer...
Mageia: Security Advisory (MGASA-2013-0309)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2019-1440)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.1.0 : libtar (EulerOS-SA-2019-1440)
According to the version of the libtar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability: Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of...
F5 BIG-IP - libtar vulnerability CVE-2013-4397
The remote host is missing a security patch.
SOL16015326 - libtar vulnerability CVE-2013-4397
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Oracle: Security Advisory (ELSA-2013-1418)
The remote host is missing an update for the...
[SECURITY] [DSA 2817-1] libtar security update
Debian Security Advisory DSA-2817-1 [email protected] http://www.debian.org/security/ Luciano Bello December 14, 2013 http://www.debian.org/security/faq -...
Debian DSA-2817-1 : libtar - Integer overflow
Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Debian Security Advisory DSA 2817-1 (libtar - Integer overflow)
Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2817.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2817-1 using...
Fedora 20 : libtar-1.2.11-27.fc20 (2013-18877)
fix CVE-2013-4397: buffer overflows by expanding a specially crafted archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 19 : libtar-1.2.11-26.fc19 (2013-18808)
fix CVE-2013-4397: buffer overflows by expanding a specially crafted archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 18 : libtar-1.2.11-25.fc18 (2013-18785)
fix CVE-2013-4397: buffer overflows by expanding a specially crafted archive Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2013-4397
Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow...
CVE-2013-4397
Concretely, CVE-2013-4397 affects the libtar library (libtar) prior to 1.2.20. The vulnerability arises from integer overflows in the th_read() function in lib/block.c, enabling a heap-based buffer overflow when processing long names or links in tar archives. Exploitation could result in remote d...
Updated libtar packages fixes security vulnerability
Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code (CVE-2013-4397)...
CentOS Update for libtar CESA-2013:1418 centos6
The remote host is missing an update for the...
RHEL 6 : libtar (RHSA-2013:1418)
An updated libtar package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...