
14 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux – Vulnerability in libtar

The th_read function does not free the variable t->th_buf.gnu_longlink after allocating memory, which may lead to a memory leak...

CVSS 7.5 | AI score 6.9 | EPSS 0.01431
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2013-4276

Malware in sbrugna...

CVSS 6.8 | AI score 6 | EPSS 0.05485
Exploits: 1 | References: 17
BDU FSTEC
added 2025/04/28 12:00 a.m. | 4 views

The vulnerability of the libtar package, related to reading data beyond the memory boundaries, allows an attacker to gain access to confidential information.

The vulnerability of the libtar package is related to the initiation of the malloc(0) call for the gnu_longlink variable. Exploiting this vulnerability may allow an attacker to gain access to confidential information...

CVSS 9.4 | AI score 7.4 | EPSS 0.01331
Exploits: 0 | References: 12 | Affected Software: 7
Tenable Nessus
added 2024/07/23 12:00 a.m. | 18 views

Photon OS 4.0: Libtar PHSA-2022-4.0-0231

An update of the libtar package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0231. The text itself is copyright (C) VMware, Inc...

CVSS 9.1 | AI score 7.3 | EPSS 0.01431
Exploits: 0 | References: 5
F5 Networks
added 2023/02/21 6:54 p.m. | 25 views

K16015326: libtar vulnerability CVE-2013-4397

Security Advisory Description: Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer...

CVSS 6.8 | AI score 9.2 | EPSS 0.05485
Exploits: 1 | Affected Software: 17
OSV
added 2022/08/10 8:15 p.m. | 4 views

AZL-10543 CVE-2021-33644 affecting package libtar for versions less than 1.2.20-10

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for the variable gnu_longname, causing an out-of-bounds read...

CVSS 8.1 | AI score 6.9 | EPSS 0.01127
Exploits: 0 | References: 1
OSV
added 2022/08/10 8:15 p.m. | 3 views

AZL-34946 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-11

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc(0) for the variable gnu_longlink, causing an out-of-bounds read...

CVSS 9.1 | AI score 7.2 | EPSS 0.01331
Exploits: 0 | References: 1
OpenVAS
added 2016/02/11 12:00 a.m. | 34 views

F5 BIG-IP - libtar vulnerability CVE-2013-4397

The remote host is missing a security patch. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/h:f5:big-ip"...

CVSS 6.8 | AI score 8.5 | EPSS 0.05485
Exploits: 1 | References: 1
Tenable Nessus
added 2016/02/05 12:00 a.m. | 21 views

F5 Networks BIG-IP : libtar vulnerability (K16015326)

Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow. (CVE-2013-4397) (C) Tenable...

CVSS 6.8 | AI score 8.7 | EPSS 0.05485
Exploits: 1 | References: 2
BDU FSTEC
added 2015/04/28 12:00 a.m. | 6 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libtar-1.2.11 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

CVSS 6.8 | AI score 5.4 | EPSS 0.05485
Exploits: 1 | References: 3
Tenable Nessus
added 2014/02/23 12:00 a.m. | 27 views

GLSA-201402-19 : libtar: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201402-19 (libtar: Arbitrary code execution). An integer overflow error within the th_read function when processing long names or link extensions can be exploited to cause a heap-based buffer overflow via a specially crafted archive...

CVSS 6.8 | AI score 8.9 | EPSS 0.05485
Exploits: 1 | References: 2
OSV
added 2014/02/20 4:55 p.m. | 11 views

AZL-6651 CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8

Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. (dot dot) in a crafted tar file...

CVSS 5.8 | AI score 6.6 | EPSS 0.03277
Exploits: 0 | References: 1
OSV
added 2013/10/17 11:55 p.m. | 5 views

CVE-2013-4397

Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow...

AI score 7.7
Exploits: 0 | References: 13
OSV
added 2013/10/17 11:55 p.m. | 1 view

DEBIAN-CVE-2013-4397

Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow...

CVSS 6.8 | AI score 8.2 | EPSS 0.05485
Exploits: 1 | References: 1