FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gtar -- buffer overflow in rmt client

Affected packages
gtar < 1.22_3


VuXML ID c175d72f-3773-11df-8bb8-0211d880e350
Discovery 2010-03-24
Entry 2010-03-24

Jakob Lell reports:

The rmt client implementation of GNU Tar/Cpio contains a heap-based buffer overflow which possibly allows arbitrary code execution.

The problem can be exploited when using an untrusted/compromised rmt server.


CVE Name CVE-2010-0624