Download
| Alert*
|
oval:org.secpod.oval:def:106694
libtar is installed oval:org.secpod.oval:def:601217 A directory traversal attack was reported against libtar, a C library for manipulating tar archives. The application does not validate the filenames inside the tar archive, allowing to extract files in arbitrary path. An attacker can craft a tar file to override files beyond the tar_extract_glob and ... oval:org.secpod.oval:def:601363 libtar is installed oval:org.secpod.oval:def:106010 libtar is a C library for manipulating tar archives. It supports both the strict POSIX tar format and many of the commonly-used GNU extensions. oval:org.secpod.oval:def:1500262 An updated libtar package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ... oval:org.secpod.oval:def:601169 Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code. oval:org.secpod.oval:def:507721 The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fix: * libtar: out-of-bounds read in gnu_longlink * libtar: out-of-bounds read in gnu_longname * libtar: memory leak f ... oval:org.secpod.oval:def:501116 The libtar package contains a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding ... oval:org.secpod.oval:def:202953 The libtar package contains a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding ... oval:org.secpod.oval:def:1506760 [1.2.20-17] - fix use-after-free bugs introduced by incorrect memleak fixes [1.2.20-16] - fix memory leaks through gnu_long{name,link} - fix out-of-bounds read in gnu_long{name,link} oval:org.secpod.oval:def:124164 libtar is a C library for manipulating tar archives. It supports both the strict POSIX tar format and many of the commonly-used GNU extensions. oval:org.secpod.oval:def:124163 libtar is a C library for manipulating tar archives. It supports both the strict POSIX tar format and many of the commonly-used GNU extensions. |
