FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-6097

This CVE name corresponds to:

Entered Topic
2007-02-27 gtar -- name mangling symlink vulnerability
2006-11-30 gtar -- GNUTYPE_NAMES directory traversal vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-6097
Phase Assigned (20061124)

Description

GNU tar 1.16 and 1.15.1, and possibly other versions, allow user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and the extract_mangle function in mangle.c. This is a variant of CVE-2002-1216.

References

Source Reference
BUGTRAQ 20061201 rPSA-2006-0222-1 tar
BUGTRAQ 20070330 VMSA-2007-0002 VMware ESX security updates
FULLDISC 20061121 GNU tar directory traversal
MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937
CONFIRM https://issues.rpath.com/browse/RPL-821
CONFIRM http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm
CONFIRM http://docs.info.apple.com/article.html?artnum=305214
CONFIRM http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
APPLE APPLE-SA-2007-03-13
DEBIAN DSA-1223
FREEBSD SA-06:26
FREEBSD FreeBSD-SA-06:26
GENTOO GLSA-200612-10
MANDRIVA MDKSA-2006:219
OPENPKG OpenPKG-SA-2006.038
REDHAT RHSA-2006:0749
SGI 20061202-01-P
SLACKWARE SSA:2006-335-01
TRUSTIX 2006-0068
UBUNTU USN-385-1
CERT TA07-072A
BID 21235
OVAL oval:org.mitre.oval:def:10963
VUPEN ADV-2006-4717
VUPEN ADV-2006-5102
VUPEN ADV-2007-0930
VUPEN ADV-2007-1171
SECTRACK 1017423
SECUNIA 23115
SECUNIA 23142
SECUNIA 23117
SECUNIA 23173
SECUNIA 23163
SECUNIA 23209
SECUNIA 23146
SECUNIA 23198
SECUNIA 23314
SECUNIA 23443
SECUNIA 23514
SECUNIA 23911
SECUNIA 24479
SECUNIA 24636
SREASON 1918