exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2007-4476

Status Candidate

Overview

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

Related Files

Ubuntu Security Notice 709-1
Posted Jan 16, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-709-1 - Dmitry V. Levin discovered a buffer overflow in tar. If a user or automated system were tricked into opening a specially crafted tar file, an attacker could crash tar or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-4476
SHA-256 | 7957633c70c439ce956f85c4340dbf6c8fbbbcd468241cc2022efea145a58822
Ubuntu Security Notice 650-1
Posted Oct 3, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 650-1 - A buffer overflow was discovered in cpio. If a user were tricked into opening a crafted cpio archive, an attacker could cause a denial of service via application crash, or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2007-4476
SHA-256 | cc2e0d30e067041417172ae7fe859eda11e0ad3a215aaabcfa689d1c421a6c78
Debian Linux Security Advisory 1566-1
Posted May 2, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1566-1 - Dmitry Levin discovered a vulnerability in path handling code used by the cpio archive utility. The weakness could enable a denial of service (crash) or potentially the execution of arbitrary code if a vulnerable version of cpio is used to extract or to list the contents of a maliciously crafted archive.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2007-4476
SHA-256 | b4bab381c166de7c08c0647965e2834878fc042ba7affd0458a39442a6060403
Debian Linux Security Advisory 1438-1
Posted Dec 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1438-1 - Several vulnerabilities have been discovered in GNU Tar. A directory traversal vulnerability enables attackers using specially crafted archives to extract contents outside the directory tree created by tar. A stack-based buffer overflow in the file name checking code may lead to arbitrary code execution when processing maliciously crafted archives.

tags | advisory, overflow, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2007-4131, CVE-2007-4476
SHA-256 | cdb091cdc7a22e2e70fc77812d2d98bb673e8958c2eb906c42c3d283d52a525e
Mandriva Linux Security Advisory 2007.233
Posted Nov 29, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Buffer overflow in the safer_name_suffix function in GNU cpio has unspecified attack vectors and impact, resulting in a crashing stack. This problem is originally found in tar, but affects cpio too, due to similar code fragments. Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file. This is an old issue, affecting only Mandriva Corporate Server 4 and Mandriva Linux 2007.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4476, CVE-2005-1229
SHA-256 | e60da58de41a61167889be1fbdba3d6aad13e83dca878b9c731631571b545a6a
Gentoo Linux Security Advisory 200711-18
Posted Nov 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-18 - A buffer overflow vulnerability in the safer_name_suffix() function in GNU cpio has been discovered. Versions less than 2.9-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4476
SHA-256 | fd33823e7ab97166450f1a66072fa2b17bed42995063e54812d268d94e68b1aa
Mandriva Linux Security Advisory 2007.197
Posted Oct 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A buffer overflow in GNU tar has unspecified attack vectors and impact, resulting in a crashing stack.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2007-4476
SHA-256 | d6ca54d22cddc8887b5129f6edc2abd3964ee5f3bd49e9a2c3792ad6fd25eb7b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close