CVE Reference: CVE-2006-0300

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-0300

Description:
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/24855

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-257-1

TRUSTIX
  http://www.trustix.org/errata/2006/0010

SUSE
  http://www.novell.com/linux/security/advisories/2006_05_sr.html

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-241646-1

ST
  1015705

SREASON
  http://securityreason.com/securityalert/480
  http://securityreason.com/securityalert/543

SAID
  Secunia Advisory: SA18976
  Secunia Advisory: SA18973
  Secunia Advisory: SA18999
  Secunia Advisory: SA19093
  Secunia Advisory: SA19130
  Secunia Advisory: SA19152
  Secunia Advisory: SA19236
  Secunia Advisory: SA19016
  Secunia Advisory: SA20042
  Secunia Advisory: SA24479
  Secunia Advisory: SA24966

REDHAT
  http://www.redhat.com/support/errata/RHSA-2006-0232.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9295
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6094
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5993
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5978
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5252

OSVDB
  23371

OPENPKG
  http://www.openpkg.org/security/OpenPKG-SA-2006.006-tar.html

MLIST
  http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html

MANDRIVA
  http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml

FEDORA
  http://www.securityfocus.com/archive/1/archive/1/430299/100/0/threaded

DEBIAN
  http://www.debian.org/security/2006/dsa-987

CONFIRM
  http://docs.info.apple.com/article.html?artnum=305391
  http://docs.info.apple.com/article.html?artnum=305214

CERT
  http://www.us-cert.gov/cas/techalerts/TA07-072A.html
  http://www.us-cert.gov/cas/techalerts/TA07-109A.html

BID
  16764

APPLE
  http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
  http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html


Return to the previous page.