31 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read...
RHEL 7 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in paxdecodeheader in...
RHEL 6 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: null-pointer dereference in paxdecodeheader in...
RHEL 5 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tar: Bypassing the extract path name CVE-2016-6321 - tar: Infinite read loop in sparsedumpregion function...
openSUSE: Security Advisory for tar (SUSE-SU-2022:1548-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:1548-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : tar (SUSE-SU-2022:1548-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1548-1 advisory. - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows loca...
Debian DLA-2830-1 : tar - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2830 advisory. An infinite loop when --sparse is used with file shrinkage during read access was fixed in the GNU tar archiving utility. For Debian 9 stretch, this problem has been fixed ...
[SECURITY] [DLA 2830-1] tar security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2830-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 28, 2021 https://wiki.debian.org/LTS -...
SUSE: Security Advisory (SUSE-SU-2019:14215-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0926-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4692-1: tar vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the –sparse flag. An attacker could possibl...
Ubuntu: Security Advisory (USN-4692-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : tar vulnerabilities (USN-4692-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4692-1 advisory. Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --spars...
USN-4692-1: tar vulnerabilities
Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu...
SUSE SLES12 Security Update : tar (SUSE-SU-2020:2806-1)
This update for tar fixes the following issues : Security issues fixed : CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in paxdecodeheader bsc1130496. CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-1035)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2019-1346)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2019-1262)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.5.0 : tar (EulerOS-SA-2020-1068)
According to the version of the tar package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that...