[Full-disclosure] rPSA-2006-0222-1 tar



rPath Security Advisory: 2006-0222-1
Published: 2006-11-30
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Indirect User Deterministic Vulnerability
Updated Versions:
tar=/conary.rpath.com@rpl:devel//1/1.15.1-7.1-1

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
https://issues.rpath.com/browse/RPL-821

Description:
Previous version of the tar package are vulnerable to an attack in
which unpacking an intentionally-malformed tar archive can overwrite
arbitrary files to which the user running tar has write access.
If the attacking user knows the name of a vulnerable binary file
and overwrites it, this allows the attacker to place arbitrary code
on the system which is likely to be run. If root is running tar,
this includes any file on the system, which would elevate this
to an indirect non-deterministic remote root unauthorized access
vulnerability.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • [Full-disclosure] rPSA-2007-0005-1 xorg-x11 xorg-x11-fonts xorg-x11&
    ... rPath Security Advisory: 2007-0005-1 ... Previous versions of the xorg-x11 package are vulnerable to an attack ... This vulnerability is known to enable a Denial of Service ... server can cause the entire X server process to crash. ...
    (Full-Disclosure)
  • rPSA-2007-0005-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11
    ... rPath Security Advisory: 2007-0005-1 ... Previous versions of the xorg-x11 package are vulnerable to an attack ... This vulnerability is known to enable a Denial of Service ... server can cause the entire X server process to crash. ...
    (Bugtraq)
  • [Full-disclosure] FLEA-2007-0049-1 tar
    ... Previous versions of the tar package are vulnerable to an attack in ... which unpacking an intentionally-malformed tar archive can overwrite ... remote root unauthorized access vulnerability. ... Copyright 2007 Foresight Linux Project ...
    (Full-Disclosure)
  • FLEA-2007-0049-1 tar
    ... Previous versions of the tar package are vulnerable to an attack in ... which unpacking an intentionally-malformed tar archive can overwrite ... remote root unauthorized access vulnerability. ... Copyright 2007 Foresight Linux Project ...
    (Bugtraq)
  • Allot Netenforcer problems, GNU TAR flaw
    ... Security Advisory, case study - Netenforcer ... 2.Vulnerable tar packages ... Using the security flaw an attacker can gain ... File access vulnerability ...
    (Bugtraq)