SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2007-4476

Date: (C)2007-09-04 (M)2023-12-22

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:

SUNALERT-1021680

FEDORA-2007-2673

FEDORA-2007-735

SUSE-SR:2007:018

SUSE-SR:2007:019

http://bugs.gentoo.org/show_bug.cgi?id=196978

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

https://bugzilla.redhat.com/show_bug.cgi?id=280961

https://issues.rpath.com/browse/RPL-1861

oval:org.mitre.oval:def:7114

oval:org.mitre.oval:def:8599

oval:org.mitre.oval:def:9336

cpe:/a:gnu:tar
cpe:/o:debian:debian_linux:3.1
cpe:/o:debian:debian_linux:4.0
cpe:/o:canonical:ubuntu_linux:7.04
...

oval:org.secpod.oval:def:201918
oval:org.secpod.oval:def:201707
oval:org.secpod.oval:def:201909
oval:org.secpod.oval:def:700472
...

© SecPod Technologies