20 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-4420
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to...
CBL Mariner 2.0 Security Update: libtar (CVE-2013-4420)
The version of libtar installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2013-4420 advisory. - Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar...
RHEL 7 : libtar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libtar: missing validation of file names CVE-2013-4420 Note that Nessus has not tested for this issue but has inste...
RHEL 6 : libtar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libtar: missing validation of file names CVE-2013-4420 Note that Nessus has not tested for this issue but has inste...
CVE-2013-4420 affecting package libtar for versions less than 1.2.20-11
CVE-2013-4420 affecting package libtar for versions less than 1.2.20-11. A patched version of the package is available...
CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8
CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2014-0090)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2021-2106)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1894
Software: libtar 1.2.11 OS: Cobalt 7.9 CVE-ID: CVE-2013-4420 CVE-Crit: HIGH CVE-DESC: Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files with a . dot in a created tar...
EulerOS Virtualization for ARM 64 3.0.2.0 : libtar (EulerOS-SA-2021-2106)
According to the version of the libtar package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and...
EulerOS Virtualization 3.0.6.6 : libtar (EulerOS-SA-2021-1491)
According to the version of the libtar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow...
CVE-2013-4420 affecting package libtar 1.2.20-11
CVE-2013-4420 affecting package libtar 1.2.20-11. A patched version of the package is available...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2019-2444)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libtar package fixes security vulnerability
A directory traversal attack was reported against libtar, a C library for manipulating tar archives. The application does not validate the filenames inside the tar archive, allowing to extract files in arbitrary path. An attacker can craft a tar file to override files beyond the tarextractglob an...
UBUNTU-CVE-2013-4420
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
CVE-2013-4420
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
CVE-2013-4420
CVE-2013-4420 affects libtar 1.2.20 and earlier, where tar_extract_glob and tar_extract_all are vulnerable to directory traversal via .. in crafted tar files, allowing remote overwrite of arbitrary files. Several connected advisories confirm affected versions and note a patched version is availab...
Debian DSA-2863-1 : libtar - directory traversal
A directory traversal attack was reported against libtar, a C library for manipulating tar archives. The application does not validate the filenames inside the tar archive, allowing to extract files in arbitrary path. An attacker can craft a tar file to override files beyond the tarextractglob an...
[SECURITY] [DSA 2863-1] libtar security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2863-1 [email protected] http://www.debian.org/security/ Luciano Bello February 18, 2014 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2863-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...