FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-0300

This CVE name corresponds to:

Entered Topic
2006-03-03 gtar -- invalid headers buffer overflow

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-0300
Phase Assigned (20060118)

Description

Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.

References

Source Reference
MLIST [Bug-tar] 20060220 tar 1.15.90 released
CONFIRM http://docs.info.apple.com/article.html?artnum=305214
CONFIRM http://docs.info.apple.com/article.html?artnum=305391
APPLE APPLE-SA-2007-04-19
APPLE APPLE-SA-2007-03-13
DEBIAN DSA-987
FEDORA FLSA:183571-2
GENTOO GLSA-200603-06
MANDRIVA MDKSA-2006:046
OPENPKG OpenPKG-SA-2006.006
REDHAT RHSA-2006:0232
SUNALERT 241646
SUSE SUSE-SR:2006:005
TRUSTIX 2006-0010
UBUNTU USN-257-1
CERT TA07-072A
CERT TA07-109A
BID 16764
OVAL oval:org.mitre.oval:def:5252
OVAL oval:org.mitre.oval:def:5978
OVAL oval:org.mitre.oval:def:5993
OVAL oval:org.mitre.oval:def:6094
OVAL oval:org.mitre.oval:def:9295
VUPEN ADV-2006-0684
VUPEN ADV-2007-0930
VUPEN ADV-2007-1470
VUPEN ADV-2008-2518
OSVDB 23371
SECTRACK 1015705
SECUNIA 18976
SECUNIA 18973
SECUNIA 18999
SECUNIA 19093
SECUNIA 19130
SECUNIA 19152
SECUNIA 19236
SECUNIA 19016
SECUNIA 20042
SECUNIA 24479
SECUNIA 24966
SREASON 480
SREASON 543
XF gnu-tar-pax-headers-bo(24855)