CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
76.1%
Severity: Medium
Date : 2016-11-03
CVE-ID : CVE-2016-6321
Package : tar
Type : arbitrary file overwrite
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package tar before version 1.29-2 is vulnerable to arbitrary file
overwrite.
Upgrade to 1.29-2.
The problem has been fixed upstream but no release is available yet.
None.
The GNU tar archiver attempts to avoid path traversal attacks by
removing offending parts of the element name at extract. This
sanitizing leads to a vulnerability where the attacker can bypass the
path name(s) specified on the command line leading to arbitrary
overwrite of files and directories inside the target directory.
A remote attacker is able to use a specially crafted tar archive that,
when extracted by the victim, replaces files and directories regardless
of the path name(s) specified.
https://bugs.archlinux.org/task/51563
http://seclists.org/fulldisclosure/2016/Oct/96
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea053
https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt
https://access.redhat.com/security/cve/CVE-2016-6321
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
76.1%