CVE-2006-0300 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-0300
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0300

Description: Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24855 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-257-1 TRUSTIX http://www.trustix.org/errata/2006/0010 SUSE http://www.novell.com/linux/security/advisories/2006_05_sr.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-241646-1 ST 1015705 SREASON http://securityreason.com/securityalert/480 http://securityreason.com/securityalert/543 SAID Secunia Advisory: SA24966 Secunia Advisory: SA20042 Secunia Advisory: SA19016 Secunia Advisory: SA19236 Secunia Advisory: SA19152 Secunia Advisory: SA19130 Secunia Advisory: SA19093 Secunia Advisory: SA18999 Secunia Advisory: SA18973 Secunia Advisory: SA18976 Secunia Advisory: SA24479 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0232.html OSVDB 23371 OPENPKG http://www.openpkg.org/security/OpenPKG-SA-2006.006-tar.html MLIST http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html MANDRIVA http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml FEDORA http://www.securityfocus.com/archive/1/archive/1/430299/100/0/threaded DEBIAN http://www.debian.org/security/2006/dsa-987 CONFIRM http://docs.info.apple.com/article.html?artnum=305214 http://docs.info.apple.com/article.html?artnum=305391 CERT http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.us-cert.gov/cas/techalerts/TA07-072A.html BID 16764 APPLE http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Return to the previous page.