Lucene search
RedHatRHSA-2006:0749HistoryDec 19, 2006 - 12:00 a.m.
(RHSA-2006:0749) Moderate: tar security update
2006-12-1900:00:00
access.redhat.com
21
EPSS
0.014
Percentile
86.6%
The GNU tar program saves many files together in one archive and can
restore individual files (or all of the files) from that archive.
Teemu Salmela discovered a path traversal flaw in the way GNU tar extracted
archives. A malicious user could create a tar archive that could write to
arbitrary files to which the user running GNU tar has write access.
(CVE-2006-6097)
Users of tar should upgrade to this updated package, which contains a
replacement backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | s390x | tar | < 1.13.25-15.RHEL3 | tar-1.13.25-15.RHEL3.s390x.rpm |
| RedHat | any | s390 | tar | < 1.14-12.RHEL4 | tar-1.14-12.RHEL4.s390.rpm |
| RedHat | any | ia64 | tar | < 1.13.25-6.AS21.1 | tar-1.13.25-6.AS21.1.ia64.rpm |
| RedHat | any | i386 | tar | < 1.13.25-6.AS21.1 | tar-1.13.25-6.AS21.1.i386.rpm |
| RedHat | any | ppc | tar | < 1.13.25-15.RHEL3 | tar-1.13.25-15.RHEL3.ppc.rpm |
| RedHat | any | ia64 | tar | < 1.14-12.RHEL4 | tar-1.14-12.RHEL4.ia64.rpm |
| RedHat | any | i386 | tar | < 1.13.25-15.RHEL3 | tar-1.13.25-15.RHEL3.i386.rpm |
| RedHat | any | ppc | tar | < 1.14-12.RHEL4 | tar-1.14-12.RHEL4.ppc.rpm |
| RedHat | any | x86_64 | tar | < 1.13.25-15.RHEL3 | tar-1.13.25-15.RHEL3.x86_64.rpm |
| RedHat | any | i386 | tar | < 1.14-12.RHEL4 | tar-1.14-12.RHEL4.i386.rpm |
Related
nessus
nessus
openSUSE 10 Security Update : tar (tar-2351)
2007-10-17 00:00:00
RHEL 2.1 / 3 / 4 : tar (RHSA-2006:0749)
2006-12-30 00:00:00
Oracle Linux 3 / 4 : tar (ELSA-2006-0749)
2013-07-12 00:00:00
openvas
openvas
SLES9: Security update for tar
2009-10-10 00:00:00
Slackware Advisory SSA:2006-335-01 tar
2012-09-11 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-06:26.gtar.asc)
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
2006-12-01 16:26:11
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
2006-12-01 16:26:11
oraclelinux
oraclelinux
Moderate tar security update
2006-12-20 00:00:00
centos
centos
tar security update
2006-12-20 03:41:54
tar security update
2006-12-20 15:42:51
exploitdb
exploitdb
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal
2006-11-21 00:00:00
gentoo
gentoo
Tar: Directory traversal vulnerability
2006-12-11 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:26.gtar
2006-12-06 00:00:00
freebsd
freebsd
gtar -- name mangling symlink vulnerability
2006-12-06 00:00:00
gtar -- GNUTYPE_NAMES directory traversal vulnerability
2006-11-21 00:00:00
ubuntu
ubuntu
tar vulnerability
2006-11-27 00:00:00
slackware
slackware
[slackware-security] tar
2006-12-01 22:55:57
cvelist
cvelist
CVE-2006-6097
2006-11-24 18:00:00
debiancve
debiancve
CVE-2006-6097
2006-11-24 18:07:00
cve
cve
CVE-2006-6097
2006-11-24 18:07:00
ubuntucve
ubuntucve
CVE-2006-6097
2006-11-24 00:00:00
nvd
nvd
CVE-2006-6097
2006-11-24 18:07:00