FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4476

This CVE name corresponds to:

Entered: 2009-01-15
Topic: gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2007-4476
Phase: Assigned (20070822)

Description

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

References

Source Reference
CONFIRM https://issues.rpath.com/browse/RPL-1861
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=280961
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=196978
DEBIAN DSA-1438
DEBIAN DSA-1566
FEDORA FEDORA-2007-2673
FEDORA FEDORA-2007-735
GENTOO GLSA-200711-18
MANDRIVA MDKSA-2007:197
MANDRIVA MDKSA-2007:233
REDHAT RHSA-2010:0141
REDHAT RHSA-2010:0144
SUNALERT 1021680
SUSE SUSE-SR:2007:018
SUSE SUSE-SR:2007:019
UBUNTU USN-709-1
UBUNTU USN-650-1
BID 26445
OVAL oval:org.mitre.oval:def:8599
OVAL oval:org.mitre.oval:def:9336
OVAL oval:org.mitre.oval:def:7114
SECUNIA 26674
SECUNIA 26987
SECUNIA 27331
SECUNIA 27453
SECUNIA 27514
SECUNIA 27681
SECUNIA 27857
SECUNIA 28255
SECUNIA 29968
SECUNIA 33567
SECUNIA 32051
SECUNIA 39008
VUPEN ADV-2010-0628
VUPEN ADV-2010-0629