9 matches found

Cvelist
added 2016/12/09 10:0 p.m., 36 views

CVE-2016-6321

Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...

AI score: 7.5 | EPSS: 0.15155
Exploits: 3 | References: 12
Tenable Nessus
added 2007/12/13 12:0 a.m., 33 views

SuSE 10 Security Update : cpio (ZYPP Patch Number 4184)

This update fixes a bug in function safer_name_suffix of cpio which leads to a crashing stack. Exploitability is unknown. CVE-2007-4476 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.14902
Exploits: 2 | References: 2
exploitpack
added 2007/11/14 12:0 a.m., 24 views

GNU TAR 1.15.91 CPIO 2.5.90 - safer_name_suffix Remote Denial of Service

GNU TAR 1.15.91 CPIO 2.5.90 - safer_name_suffix Remote Denial of Service // source: https://www.securityfocus.com/bid/26445/info GNU's tar and cpio utilities are prone to a denial-of-service vulnerability because of insecure use of the 'alloca' function. Successfully exploiting this issue allows...

AI score: 0.3
Exploits: 0
FreeBSD
added 2007/11/14 12:0 a.m., 43 views

gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability

SecurityFocus reports: GNU's tar and cpio utilities are prone to a denial-of-service vulnerability because of insecure use of the alloca function. Successfully exploiting this issue allows attackers to crash the affected utilities and possibly to execute code but this has not been confirmed...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.14902
Exploits: 2 | References: 1
Tenable Nessus
added 2007/11/07 12:0 a.m., 34 views

Fedora 8 : tar-1.17-4.fc8 (2007-2800)

Wed Oct 24 2007 Radek Brich 2:1.17-4 - upstream patch for CVE-2007-4476 tar stack crashing in safer_name_suffix Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.14902
Exploits: 2 | References: 3
Prion
added 2007/09/05 1:17 a.m., 24 views

Buffer overflow

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.14902
Exploits: 2 | References: 37 | Affected Software: 3
Cvelist
added 2007/09/05 1:0 a.m., 24 views

CVE-2007-4476

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."...

AI score: 7.5 | EPSS: 0.14902
Exploits: 2 | References: 37
Debian CVE
added 2007/09/05 1:0 a.m., 34 views

CVE-2007-4476

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.14902
Exploits: 2
CVE
added 2007/09/05 1:0 a.m., 129 views

CVE-2007-4476

CVE-2007-4476 is a buffer overflow in the safer_name_suffix function of GNU tar that exposes a crashing stack. The supplied connected documents corroborate the issue within tar/cpio track records and list it alongside other related CVEs (e.g., CVE-2010-0624); no explicit patch versions or remedia...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.14902
Exploits: 2 | References: 37 | Affected Software: 1