Re: GNU Tar vulnerability

---

• From: Josh Paetzel <josh@xxxxxxxxx>
• Date: Tue, 28 Nov 2006 13:33:32 -0600

---

On Tuesday 28 November 2006 11:17, Sergey Matveychuk wrote:

Please, note: http://secunia.com/advisories/23115/

A port maintainer CC'ed.

This is one of those things where the impact is hard to determine
because the link doesn't really give much info. Ok, you can
overwrite arbitrary files.....ANY file? Or just files that the user
running gtar has write access to? If it's the first case then that's
huge. If it's the second case then who really cares.

--
Thanks,

Josh Paetzel
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

---

• Follow-Ups:
  • Re: GNU Tar vulnerability
    • From: Sergey Matveychuk

• References:
  • GNU Tar vulnerability
    • From: Sergey Matveychuk

• Prev by Date: GNU Tar vulnerability
• Next by Date: Re: GNU Tar vulnerability
• Previous by thread: GNU Tar vulnerability
• Next by thread: Re: GNU Tar vulnerability
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2006-11