Lucene search
RootSSV:2398HistoryNov 08, 2007 - 12:00 a.m.
Perl Archive::Tar模块远程目录遍历漏洞
2007-11-0800:00:00
Root
www.seebug.org
12
0.01 Low
EPSS
Percentile
82.3%
BUGTRAQ ID: 26355
CVE(CAN) ID: CVE-2007-4829
Archive::Tar是Perl中用于操控tar文档的模块。
Archive::Tar模块在解压tar文档时存在输入验证错误,如果所解压到文档中包含有目录遍历序列的话,就可以将文件解压到指定目录以外的任意位置。
CPAN Archive::Tar 1.36
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
<a href=“http://www.cpan.org” target=“_blank”>http://www.cpan.org</a>
Related
nessus
nessus
RHEL 4 / 5 : perl-Archive-Tar (RHSA-2010:0505)
2010-07-28 00:00:00
CentOS 4 / 5 : perl-Archive-Tar (CESA-2010:0505)
2010-07-13 00:00:00
Oracle Linux 4 / 5 : perl-Archive-Tar (ELSA-2010-0505)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: perl-5.10.0-52.fc10
2008-12-30 23:44:43
[SECURITY] Fedora 10 Update: perl-5.10.0-73.fc10
2009-07-16 07:33:06
ubuntucve
ubuntucve
CVE-2007-4829
2007-11-02 00:00:00
redhat
redhat
(RHSA-2010:0505) Moderate: perl-Archive-Tar security update
2010-07-01 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200812-10 (Archive-Tar)
2008-12-23 00:00:00
Fedora Update for perl FEDORA-2008-11736
2009-02-13 00:00:00
Fedora Core 10 FEDORA-2008-11736 (perl)
2009-01-02 00:00:00
oraclelinux
oraclelinux
perl-Archive-Tar security update
2010-07-01 00:00:00
gentoo
gentoo
Archive::Tar: Directory traversal vulnerability
2008-12-10 00:00:00
prion
prion
Directory traversal
2007-11-02 16:46:00
cve
cve
CVE-2007-4829
2007-11-02 16:46:00
centos
centos
perl security update
2010-07-12 17:00:47
veracode
veracode
Arbitrary File Write
2020-04-10 00:45:30
debiancve
debiancve
CVE-2007-4829
2007-11-02 16:46:00
ubuntu
ubuntu
Perl regression
2009-01-15 00:00:00
Perl vulnerabilities
2008-12-24 00:00:00