Secunia Logo  
 Vulnerability IntelligenceVulnerability ScanningCommunityBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Ubuntu update for tar
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Ubuntu update for tar
Secunia Advisory: SA23142
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2006-11-28
Popularity: 5,562 views

Critical:
Moderately critical
Impact: Manipulation of data
Where: From remote
Solution Status: Vendor Patch

OS:Ubuntu Linux 5.10
Ubuntu Linux 6.06
Ubuntu Linux 6.10
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2006-6097
Description:
Ubuntu has issued an update for tar. This fixes a security issue, which can be exploited by malicious people to overwrite arbitrary files.

For more information:
SA23115

Solution:
Apply updated packages.

-- Ubuntu 5.10 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.2.diff.gz
Size/MD5: 29654 155f4628f9fef19aa20e3927a857fd0d
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.2.dsc
Size/MD5: 574 22006def60be25510613a955ca7e90d2
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1.orig.tar.gz
Size/MD5: 2204322 d87021366fe6488e9dc398fcdcb6ed7d

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/poo...t/tar/tar_1.15.1-2ubuntu0.2_amd64.deb
Size/MD5: 531932 d507bfc76276c9cc43ebf56f9d69038a

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.2_i386.deb
Size/MD5: 519858 ed19ee38f074d841366737e880a5c626

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/poo...tar/tar_1.15.1-2ubuntu0.2_powerpc.deb
Size/MD5: 533886 5d0d477d0bbe5589f5a3181144099c92

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/poo...t/tar/tar_1.15.1-2ubuntu0.2_sparc.deb
Size/MD5: 525056 1fa9aa25fbbc81c4fcf767c28b4eb991

-- Ubuntu 6.06 LTS --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu2.1.diff.gz
Size/MD5: 30078 32b5ca833a90aa5bcbc3941a07dbf81a
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu2.1.dsc
Size/MD5: 574 c68c40e5d79b9afd13626694b0bcb2d4
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1.orig.tar.gz
Size/MD5: 2204322 d87021366fe6488e9dc398fcdcb6ed7d

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/poo...t/tar/tar_1.15.1-2ubuntu2.1_amd64.deb
Size/MD5: 532022 ddcb1e2e8770645f683b462b095ff851

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu2.1_i386.deb
Size/MD5: 519384 be7fa1ac67587e1ef574ed457e967454

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/poo...tar/tar_1.15.1-2ubuntu2.1_powerpc.deb
Size/MD5: 533876 4b9404feef3aaaf23cf28abd1432517b

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/poo...t/tar/tar_1.15.1-2ubuntu2.1_sparc.deb
Size/MD5: 523654 1164fe3b20e4f530df21258907f3cd9d

-- Ubuntu 6.10 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.91-2ubuntu0.3.diff.gz
Size/MD5: 16849 1776a8a649f3fec68c6990accd5f47c8
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.91-2ubuntu0.3.dsc
Size/MD5: 596 58f9bea1622976afa48a7eb61e8945e8
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.91.orig.tar.gz
Size/MD5: 2016367 e2338a16b0464ec03826e000dae990a0

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/poo.../tar/tar_1.15.91-2ubuntu0.3_amd64.deb
Size/MD5: 361636 9580b1e23dc58caf6af9543dbe045dca

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/poo...t/tar/tar_1.15.91-2ubuntu0.3_i386.deb
Size/MD5: 346396 4bb2868d5fc2855a8242c6c89c7afb12

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/poo...ar/tar_1.15.91-2ubuntu0.3_powerpc.deb
Size/MD5: 365486 79ddf1293d8e759fd96fee0c612d6000

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/poo.../tar/tar_1.15.91-2ubuntu0.3_sparc.deb
Size/MD5: 348136 ffdb48742e8bc415682f18d6c74f70c2

Original Advisory:
http://www.ubuntu.com/usn/usn-385-1

Other References:
SA23115:
http://secunia.com/advisories/23115/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

8th Jan, 2009
New advisories: 24
New vulnerabilities: 99
Updated advisories: 26

Moderately // 312 views
Drupal Project Module File Upload and Cross-Site Scripting
Less // 317 views
SmbFTPD Long Command Processing Vulnerability
Less // 366 views
Drupal Project Issue Tracking Module Multiple Vulnerabilities
Less // 326 views
PHP-Fusion Members CV Module "sortby" SQL Injection Vulnerability
Moderately // 365 views
Lasso OpenSSL "DSA_verify()" Spoofing Vulnerability
Moderately // 306 views
Xdg-utils mailcap Command Execution Security Issue
Less // 341 views
FreeBSD update for lukemftpd
Less // 322 views
tnftpd Long Command Processing Vulnerability
Moderately // 455 views
Cisco Global Site Selector DNS Request Denial of Service
Less // 403 views
NTP OpenSSL "EVP_VerifyFinal()" Spoofing Vulnerability

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Drupal Project Issue Tracking Module Multiple Vulnerabilities // 31 views
2. Drupal Project Module File Upload and Cross-Site Scripting // 27 views
3. Internet Explorer Data Binding Memory Corruption Vulnerability // 23 views
4. SmbFTPD Long Command Processing Vulnerability // 23 views
5. FreeBSD update for openssl // 21 views
6. FreeBSD update for lukemftpd // 20 views
7. Cisco Global Site Selector DNS Request Denial of Service // 20 views
8. PHPLIB Session Handling SQL Injection Vulnerability // 19 views
9. PHP-Fusion Members CV Module "sortby" SQL Injection Vulnerability // 19 views
10. Lasso OpenSSL "DSA_verify()" Spoofing Vulnerability // 19 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2009