32 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection...
RHEL 6 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in paxdecodeheader in...
RHEL 5 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: Infinite read loop in sparsedumpregion function...
RHEL 7 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in paxdecodeheader in...
Mageia: Security Advisory (MGASA-2016-0386)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-1449)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 2.0: Tar PHSA-2019-2.0-0187
An update of the tar package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid132546;...
EulerOS 2.0 SP3 : tar (EulerOS-SA-2019-2673)
According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended...
EulerOS 2.0 SP2 : tar (EulerOS-SA-2019-2423)
According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended...
EulerOS 2.0 SP5 : tar (EulerOS-SA-2019-2192)
According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended...
Photon OS 1.0: Tar PHSA-2019-1.0-0252
An update of the tar package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid129788;...
Photon OS 1.0: Tar PHSA-2019-1.0-0255
An update of the tar package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0255. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid129686;...
NewStart CGSL MAIN 4.05 : tar Multiple Vulnerabilities (NS-SA-2019-0153)
The remote NewStart CGSL host, running version MAIN 4.05, has tar packages installed that are affected by multiple vulnerabilities: - Buffer overflow in tar 1.14 through 1.15.90 allows user- assisted attackers to cause a denial of service application crash and possibly execute code via unspecifie...
Security Bulletin: IBM Flex System Manager (FSM) is affected by tar vulnerabilities (CVE-2010-0624 CVE-2016-6321)
Summary Multiple security vulnerabilities have been identified in the tar command that is embedded in IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2010-0624 DESCRIPTION: GNU Tar and GNU Cpio are vulnerable to a heap-based buffer overflow, caused by...
Security fix for the ALT Linux 8 package tar version 1.29.0.19.d061-alt1
1.29.0.19.d061-alt1 built March 28, 2017 Dmitry V. Levin in task 180955 --- March 20, 2017 Dmitry V. Levin - tar: release128-39-gd02c81d - release129-19-gd06126f fixes: CVE-2016-6321. - tar: added --lz4 and --zstd options. - gnulib: v0.1-585-g2fda85e - v0.1-1209-g24b3216...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
CVE-2016-6321 is a directory traversal vulnerability in GNU tar (safer_name_suffix) affecting tar 1.14–1.29. An attacker could bypass path sanitization and overwrite arbitrary files when extracting archives, via crafted file names (aka POINTYFEATHER). The issue is triggered by how tar removes off...