Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0300

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-0300
Last Modified 07 Mar 2011 09:29:44
Published 23 Feb 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0300

Summary

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.

Vulnerable Systems

Application

  • Gnu Tar 1.14

  • Gnu Tar 1.14.1

  • Gnu Tar 1.15

  • Gnu Tar 1.15.1

  • Gnu Tar 1.15.90


References

CERT - TA07-109A

CERT - TA07-072A

MANDRIVA - MDKSA-2006:046

OSVDB - 23371

SECUNIA - 18999

SECUNIA - 18976

XF - gnu-tar-pax-headers-bo(24855)

VUPEN - ADV-2008-2518

VUPEN - ADV-2007-1470

VUPEN - ADV-2007-0930

VUPEN - ADV-2006-0684

UBUNTU - USN-257-1

TRUSTIX - 2006-0010

BID - 16764

FEDORA - FLSA:183571-2

REDHAT - RHSA-2006:0232

OPENPKG - OpenPKG-SA-2006.006

SUSE - SUSE-SR:2006:005

GENTOO - GLSA-200603-06

DEBIAN - DSA-987

SUNALERT - 241646

SECTRACK - 1015705

SECUNIA - 19236

SECUNIA - 19152

SECUNIA - 19130

SECUNIA - 19093

SECUNIA - 19016

SECUNIA - 18973

MLIST - [Bug-tar] 20060220 tar 1.15.90 released

SREASON - 543

SREASON - 480

SECUNIA - 24966

SECUNIA - 24479

SECUNIA - 20042

APPLE - APPLE-SA-2007-03-13

APPLE - APPLE-SA-2007-04-19

CONFIRM - http://docs.info.apple.com/article.html?artnum=305391

CONFIRM - http://docs.info.apple.com/article.html?artnum=305214

Related Patches

Apple 2007-04-19 Security Update 2007-004 Mac OS X 10.4.9 (PPC)

Apple 2007-04-19 Security Update 2007-004 Mac OS X 10.4.9 (Intel)

Apple 2007-05-01 Security Update 2007-004 V1.1 Mac OS X 10.4.9 (PPC) (Rev 2)

Apple 2007-05-01 Security Update 2007-004 V1.1 Mac OS X 10.4.9 (Intel) (Rev 2)


Last Updated: 27 May 2016 10:41:36