17 matches found
SUSE CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
Directory Traversal
libtar.so is vulnerable to directory traversal. Lack of insecure sanitization of the filename parameter, aka POINTYFEATHER allows a bypass of an intended protection mechanism, leading to writing of arbitrary files via vectors...
SUSE: Security Advisory (SUSE-SU-2016:2896-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : tar (EulerOS-SA-2019-2192)
According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended...
ALPINE-CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
DEBIAN-CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
CVE-2016-6321
CVE-2016-6321 is a directory traversal vulnerability in GNU tar (safer_name_suffix) affecting tar 1.14–1.29. An attacker could bypass path sanitization and overwrite arbitrary files when extracting archives, via crafted file names (aka POINTYFEATHER). The issue is triggered by how tar removes off...
CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
openSUSE Security Update : tar (openSUSE-2016-1401)
This update for tar fixes the following issues : - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321 - Fix Amanda integration iss...
SUSE SLES11 Security Update : tar (SUSE-SU-2016:2895-1)
This update for tar fixes the following issues : - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321 Note that Tenable Network...
SUSE SLED12 / SLES12 Security Update : tar (SUSE-SU-2016:2896-1)
This update for tar fixes the following issues : - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321 - Fix Amanda integration iss...
SUSE-SU-2016:2896-1 Security update for tar
This update for tar fixes the following issues: - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321 - Fix Amanda integration issu...
openSUSE Security Update : tar (openSUSE-2016-1341)
This update for tar fixes the following issues : - extract files recursively with --files-from boo913058 - Fix POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line...
UBUNTU-CVE-2016-6321
Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...
GNU tar 1.29 Extract Pathname Bypass
---------------- t2'16 special vulnerability release ----------------- Vulnerability: POINTYFEATHER aka Tar extract pathname bypass Credits: Harry Sintonen / FSC1V Cyber Security Services Date: 2016-10-27 Impact: File overwrite in certain situations Classifier: Full spectrum cyber CVSS: 4.3.2...