7 matches found
DLA-564-1 tardiff - security update
Bulletin has no description...
[SECURITY] [DLA 564-1] tardiff security update
Package : tardiff Version : 0.1-1+deb7u1 CVE ID : CVE-2015-0857 CVE-2015-0858 Two vulnerabilities were found in tardiff: CVE-2015-0857 Arbitrary command execution was possible via shell metacharacters in the name of a 1 tar file or 2 file within a tar file. CVE-2015-0858 Local users could write t...
CVE-2015-0857
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a 1 tar file or 2 file within a tar file...
CVE-2015-0857
CVE-2015-0857 affects tardiff. The vulnerability arises from shell metacharacters in the name of a tar archive or a file within the archive, allowing arbitrary command execution. Public references in the provided documents consistently describe this issue, with Debian noting a fix in tardiff vers...
Debian DSA-3562-1 : tardiff - security update
Several vulnerabilities were discovered in tardiff, a tarball comparison tool. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0857 Rainer Mueller and Florian Weimer discovered that tardiff is prone to shell command injections via shell...
[SECURITY] [DSA 3562-1] tardiff security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3562-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 01, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3562-1] tardiff security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3562-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 01, 2016 https://www.debian.org/security/faq -...