ID CVE-2010-0624
Summary Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
References
Vulnerable Configurations
  • GNU cpio 1.0
    cpe:2.3:a:gnu:cpio:1.0
  • GNU cpio 1.1
    cpe:2.3:a:gnu:cpio:1.1
  • GNU cpio 1.2
    cpe:2.3:a:gnu:cpio:1.2
  • GNU cpio 1.3
    cpe:2.3:a:gnu:cpio:1.3
  • GNU cpio 2.4.2
    cpe:2.3:a:gnu:cpio:2.4-2
  • GNU cpio 2.5
    cpe:2.3:a:gnu:cpio:2.5
  • GNU cpio 2.5.90
    cpe:2.3:a:gnu:cpio:2.5.90
  • GNU cpio 2.6
    cpe:2.3:a:gnu:cpio:2.6
  • cpe:2.3:a:gnu:cpio:2.7
    cpe:2.3:a:gnu:cpio:2.7
  • cpe:2.3:a:gnu:cpio:2.8
    cpe:2.3:a:gnu:cpio:2.8
  • cpe:2.3:a:gnu:cpio:2.9
    cpe:2.3:a:gnu:cpio:2.9
  • cpe:2.3:a:gnu:cpio:2.10
    cpe:2.3:a:gnu:cpio:2.10
  • GNU tar 1.13
    cpe:2.3:a:gnu:tar:1.13
  • GNU tar 1.13.5
    cpe:2.3:a:gnu:tar:1.13.5
  • GNU tar 1.13.11
    cpe:2.3:a:gnu:tar:1.13.11
  • GNU tar 1.13.14
    cpe:2.3:a:gnu:tar:1.13.14
  • GNU tar 1.13.16
    cpe:2.3:a:gnu:tar:1.13.16
  • GNU tar 1.13.17
    cpe:2.3:a:gnu:tar:1.13.17
  • GNU tar 1.13.18
    cpe:2.3:a:gnu:tar:1.13.18
  • GNU tar 1.13.19
    cpe:2.3:a:gnu:tar:1.13.19
  • GNU tar 1.13.25
    cpe:2.3:a:gnu:tar:1.13.25
  • GNU tar 1.14
    cpe:2.3:a:gnu:tar:1.14
  • GNU tar 1.14.1
    cpe:2.3:a:gnu:tar:1.14.1
  • GNU tar 1.14.90
    cpe:2.3:a:gnu:tar:1.14.90
  • GNU tar 1.15
    cpe:2.3:a:gnu:tar:1.15
  • GNU tar 1.15.1
    cpe:2.3:a:gnu:tar:1.15.1
  • GNU tar 1.15.90
    cpe:2.3:a:gnu:tar:1.15.90
  • GNU tar 1.15.91
    cpe:2.3:a:gnu:tar:1.15.91
  • GNU tar 1.16
    cpe:2.3:a:gnu:tar:1.16
  • GNU Tar 1.16.1
    cpe:2.3:a:gnu:tar:1.16.1
  • GNU Tar 1.17
    cpe:2.3:a:gnu:tar:1.17
  • GNU Tar 1.18
    cpe:2.3:a:gnu:tar:1.18
  • GNU Tar 1.19
    cpe:2.3:a:gnu:tar:1.19
  • GNU Tar 1.20
    cpe:2.3:a:gnu:tar:1.20
  • GNU Tar 1.21
    cpe:2.3:a:gnu:tar:1.21
  • GNU Tar 1.22
    cpe:2.3:a:gnu:tar:1.22
CVSS
Base: 6.8 (as of 15-03-2010 - 14:16)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0141.NASL
    description An updated tar package that fixes two security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way tar expanded archive files. If a user expanded a specially crafted archive, it could cause the tar executable to crash. (CVE-2007-4476) Users of tar are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46264
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46264
    title RHEL 4 / 5 : tar (RHSA-2010:0141)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0141.NASL
    description From Red Hat Security Advisory 2010:0141 : An updated tar package that fixes two security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way tar expanded archive files. If a user expanded a specially crafted archive, it could cause the tar executable to crash. (CVE-2007-4476) Users of tar are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68008
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68008
    title Oracle Linux 4 / 5 : tar (ELSA-2010-0141)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_139100-04.NASL
    description SunOS 5.10_x86: gtar patch. Date this patch was last updated by Sun : Apr/19/10
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 108007
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108007
    title Solaris 10 (x86) : 139100-04
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_139099-04.NASL
    description SunOS 5.10: gtar patch. Date this patch was last updated by Sun : Apr/19/10
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107509
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107509
    title Solaris 10 (sparc) : 139099-04
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0145.NASL
    description From Red Hat Security Advisory 2010:0145 : An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A stack-based buffer overflow flaw was found in the way cpio expanded large archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. This issue only affected 64-bit platforms. (CVE-2005-4268) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68012
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68012
    title Oracle Linux 3 : cpio (ELSA-2010-0145)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2010-0013_REMOTE.NASL
    description The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - GNU cpio - GNU cpio on 64-bit - GNU tar - Kerberos 5 - Perl - PostgreSQL - Safe Module for Perl Automagic Methods - Samba smbd
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89741
    published 2016-03-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89741
    title VMware ESX Multiple Vulnerabilities (VMSA-2010-0013) (remote check)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2010-0013.NASL
    description a. Service Console update for cpio The service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el5_4.1 for ESX 4.x versions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-4268 and CVE-2010-0624 to the issues addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x. b. Service Console update for tar The service console package tar is updated to version 1.13.25-16.RHEL3 for ESX 3.x versions and updated to version 1.15.1-23.0.1.el5_4.2 for ESX 4.x versions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0624 to the issue addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x. c. Service Console update for samba The service console packages for samba are updated to version samba-3.0.9-1.3E.17vmw, samba-client-3.0.9-1.3E.17vmw and samba-common-3.0.9-1.3E.17vmw. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2063 to the issue addressed in this update. Note : The issue mentioned above is present in the Samba server (smbd) and is not present in the Samba client or Samba common packages. To determine if your system has Samba server installed do a 'rpm -q samba`. The following lists when the Samba server is installed on the ESX service console : - ESX 4.0, ESX 4.1 The Samba server is not present on ESX 4.0 and ESX 4.1. - ESX 3.5 The Samba server is present if an earlier patch for Samba has been installed. - ESX 3.0.3 The Samba server is present if ESX 3.0.3 was upgraded from an earlier version of ESX 3 and a Samba patch was installed on that version. The Samba server is not needed to operate the service console and can be be disabled without loss of functionality to the service console. d. Service Console update for krb5 The service console package krb5 is updated to version 1.2.7-72 for ESX 3.x versions and to version 1.6.1-36.el5_5.4 for ESX 4.x versions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1321 to the issue addressed in these updates. e. Service Console update for perl The service console package perl is updated to version 5.8.0-101.EL3 for ESX 3.x versions and version 5.8.8-32.el5_5.1 for ESX 4.x versions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1168 and CVE-2010-1447 to the issues addressed in the update for ESX 3.x and the names CVE-2008-5302, CVE-2008-5303, CVE-2010-1168, and CVE-2010-1447 to the issues addressed in the update for ESX 4.x.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 49085
    published 2010-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49085
    title VMSA-2010-0013 : VMware ESX third-party updates for Service Console
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0145.NASL
    description An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A stack-based buffer overflow flaw was found in the way cpio expanded large archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. This issue only affected 64-bit platforms. (CVE-2005-4268) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45090
    published 2010-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45090
    title CentOS 3 : cpio (CESA-2010:0145)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0144.NASL
    description From Red Hat Security Advisory 2010:0144 : An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way cpio expanded archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. (CVE-2007-4476) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68011
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68011
    title Oracle Linux 5 : cpio (ELSA-2010-0144)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2456-1.NASL
    description Michal Zalewski discovered an out of bounds write issue in the process_copy_in function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. (CVE-2014-9112) Jakob Lell discovered a heap-based buffer overflow in the rmt_read__ function of GNU cpio's rmt client functionality. An attacker controlling a remote rmt server could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-0624). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 80441
    published 2015-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80441
    title Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : cpio vulnerabilities (USN-2456-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0145.NASL
    description An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A stack-based buffer overflow flaw was found in the way cpio expanded large archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. This issue only affected 64-bit platforms. (CVE-2005-4268) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46268
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46268
    title RHEL 3 : cpio (RHSA-2010:0145)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100315_CPIO_ON_SL3_X.NASL
    description CVE-2005-4268 cpio large filesize buffer overflow CVE-2007-4476 tar/cpio stack crashing in safer_name_suffix CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) A stack-based buffer overflow flaw was found in the way cpio expanded large archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. This issue only affected 64-bit platforms. (CVE-2005-4268) - SL3 Only A denial of service flaw was found in the way cpio expanded archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. (CVE-2007-4476) - SL5 Only
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60745
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60745
    title Scientific Linux Security Update : cpio on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0142.NASL
    description From Red Hat Security Advisory 2010:0142 : An updated tar package that fixes one security issue is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of tar are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68009
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68009
    title Oracle Linux 3 : tar (ELSA-2010-0142)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4309.NASL
    description - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive (#572149) - realloc within check_exclusion_tags() caused invalid write (#570591) - not closing file descriptors for excluded files/dirs with exlude-tag... options could cause descriptor exhaustion (#570591) - do not fail with POSIX 2008 glibc futimens() (#552320) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47351
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47351
    title Fedora 12 : tar-1.22-12.fc12 (2010-4309)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4321.NASL
    description - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially- crafted archive(#572150) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47353
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47353
    title Fedora 12 : cpio-2.10-5.fc12 (2010-4321)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12596.NASL
    description A malicious remote tape server could cause a buffer overflow in tar. In order to exploit that an attacker would have to trick the victim to extract a file that causes tar to open a connection to the rmt server (CVE-2010-0624). It's advisable to always use tar's --force-local local option to avoid such tricks.
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 46205
    published 2010-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46205
    title SuSE9 Security Update : tar (YOU Patch Number 12596)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0143.NASL
    description From Red Hat Security Advisory 2010:0143 : An updated cpio package that fixes one security issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of cpio are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68010
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68010
    title Oracle Linux 4 : cpio (ELSA-2010-0143)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_TAR-100312.NASL
    description A malicious remote tape server could cause a buffer overflow in tar. In order to exploit that an attacker would have to trick the victim to extract a file that causes tar to open a connection to the rmt server (CVE-2010-0624). It's advisable to always use tar's --force-local local option to avoid such tricks.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46209
    published 2010-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46209
    title openSUSE Security Update : tar (openSUSE-SU-2010:0189-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0144.NASL
    description An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way cpio expanded archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. (CVE-2007-4476) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45068
    published 2010-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45068
    title CentOS 5 : cpio (CESA-2010:0144)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0141.NASL
    description An updated tar package that fixes two security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way tar expanded archive files. If a user expanded a specially crafted archive, it could cause the tar executable to crash. (CVE-2007-4476) Users of tar are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45067
    published 2010-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45067
    title CentOS 4 / 5 : tar (CESA-2010:0141)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_CPIO-100328.NASL
    description - This update fixes a heap-based buffer overflow flaw that can happen while expanding specially crafted archive files. (CVE-2010-0624) - This updates Dat160 Tape Drive density information (bnc#415166)
    last seen 2019-02-21
    modified 2014-08-16
    plugin id 50899
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50899
    title SuSE 11 Security Update : cpio (SAT Patch Number 2198)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201311-21.NASL
    description The remote host is affected by the vulnerability described in GLSA-201311-21 (cpio: Arbitrary code execution) Cpio contains a heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c. Impact : A remote server could sending more data than was requested, related to archive filenames that contain a : (colon) character, possibly resulting in execution of arbitrary code or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 71123
    published 2013-11-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71123
    title GLSA-201311-21 : cpio: Arbitrary code execution
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201111-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-201111-11 (GNU Tar: User-assisted execution of arbitrary code) GNU Tar is vulnerable to a boundary error in the rmt_read__ function in lib/rtapelib.c, which could cause a heap-based buffer overflow. Impact : A remote attacker could entice the user to load a specially crafted archive, possibly resulting in the execution of arbitrary code or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56907
    published 2011-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56907
    title GLSA-201111-11 : GNU Tar: User-assisted execution of arbitrary code
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4302.NASL
    description - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially- crafted archive(#572150) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47349
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47349
    title Fedora 11 : cpio-2.9.90-8.fc11 (2010-4302)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-065.NASL
    description A vulnerability has been found and corrected in cpio and tar : Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character (CVE-2010-0624). The Tar package as shipped with Mandriva Linux is not affected by this vulnerability, but it was patched nonetheless in order to provide additional security to customers who recompile the package while having the rsh package installed. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 45137
    published 2010-03-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45137
    title Mandriva Linux Security Advisory : cpio (MDVSA-2010:065)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_TAR-100312.NASL
    description A malicious remote tape server could cause a buffer overflow in tar. In order to exploit that an attacker would have to trick the victim to extract a file that causes tar to open a connection to the rmt server (CVE-2010-0624). It's advisable to always use tar's --force-local local option to avoid such tricks.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46211
    published 2010-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46211
    title openSUSE Security Update : tar (openSUSE-SU-2010:0189-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0142.NASL
    description An updated tar package that fixes one security issue is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of tar are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45088
    published 2010-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45088
    title CentOS 3 : tar (CESA-2010:0142)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_TAR-100312.NASL
    description A malicious remote tape server could cause a buffer overflow in tar. In order to exploit that an attacker would have to trick the victim to extract a file that causes tar to open a connection to the rmt server (CVE-2010-0624). It's advisable to always use tar's --force-local local option to avoid such tricks.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46207
    published 2010-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46207
    title openSUSE Security Update : tar (openSUSE-SU-2010:0189-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0142.NASL
    description An updated tar package that fixes one security issue is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of tar are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46265
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46265
    title RHEL 3 : tar (RHSA-2010:0142)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12603.NASL
    description This update fixes a heap-based buffer overflow flaw that can happen while expanding specially crafted archive files. (CVE-2010-0624)
    last seen 2019-02-21
    modified 2014-08-16
    plugin id 46216
    published 2010-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46216
    title SuSE9 Security Update : cpio (YOU Patch Number 12603)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0143.NASL
    description An updated cpio package that fixes one security issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of cpio are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45089
    published 2010-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45089
    title CentOS 4 : cpio (CESA-2010:0143)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4267.NASL
    description - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially- crafted archive(#572150) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47344
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47344
    title Fedora 13 : cpio-2.10-6.fc13 (2010-4267)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0144.NASL
    description An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way cpio expanded archive files. If a user expanded a specially crafted archive, it could cause the cpio executable to crash. (CVE-2007-4476) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46267
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46267
    title RHEL 5 : cpio (RHSA-2010:0144)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_TAR-6922.NASL
    description A malicious remote tape server could cause a buffer overflow in tar. In order to exploit that an attacker would have to trick the victim to extract a file that causes tar to open a connection to the rmt server (CVE-2010-0624). It's advisable to always use tar's -force-local local option to avoid such tricks.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 49928
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49928
    title SuSE 10 Security Update : tar (ZYPP Patch Number 6922)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100315_TAR_ON_SL3_X.NASL
    description CVE-2007-4476 tar/cpio stack crashing in safer_name_suffix CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. (CVE-2010-0624) A denial of service flaw was found in the way tar expanded archive files. If a user expanded a specially crafted archive, it could cause the tar executable to crash. (CVE-2007-4476) - SL4 and SL5 Only
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60747
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60747
    title Scientific Linux Security Update : tar on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CPIO-6948.NASL
    description This update fixes a heap-based buffer overflow flaw that can happen while expanding specially crafted archive files. (CVE-2010-0624) It also contains changes for : fixed Dat160 Tape Drive density information (bnc#415166) fixed cpio issues with file sizes >= 2^32 fixed handling eof and eod marks. (bnc#371077)
    last seen 2019-02-21
    modified 2014-08-16
    plugin id 49840
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49840
    title SuSE 10 Security Update : cpio (ZYPP Patch Number 6948)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_C175D72F377311DF8BB80211D880E350.NASL
    description Jakob Lell reports : The rmt client implementation of GNU Tar/Cpio contains a heap-based buffer overflow which possibly allows arbitrary code execution. The problem can be exploited when using an untrusted/compromised rmt server.
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 45338
    published 2010-03-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45338
    title FreeBSD : gtar -- buffer overflow in rmt client (c175d72f-3773-11df-8bb8-0211d880e350)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4274.NASL
    description - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive (#572149) - realloc within check_exclusion_tags() caused invalid write (#570591) - not closing file descriptors for excluded files/dirs with exlude-tag... options could cause descriptor exhaustion (#570591) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47345
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47345
    title Fedora 13 : tar-1.22-16.fc13 (2010-4274)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_TAR-100312.NASL
    description A malicious remote tape server could cause a buffer overflow in tar. In order to exploit that an attacker would have to trick the victim to extract a file that causes tar to open a connection to the rmt server (CVE-2010-0624). It's advisable to always use tar's -force-local local option to avoid such tricks.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 50962
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50962
    title SuSE 11 Security Update : tar (SAT Patch Number 2124)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4306.NASL
    description - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive (#572149) - realloc within check_exclusion_tags() caused invalid write (#570591) - not closing file descriptors for excluded files/dirs with exlude-tag... options could cause descriptor exhaustion (#570591) - do not fail with POSIX 2008 glibc futimens() (#552320) - fix segfault with corrupted metadata in code_ns_fraction (#531441) - commented patches and sources - store xattrs for symlinks (#525992) - by Kamil Dudka - update tar(1) manpage (#539787) - fix memory leak in xheader (#518079) - store SELinux context for symlinks (#525992) - provide symlink manpage for gtar - do process install-info only without --excludedocs(#515923) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47350
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47350
    title Fedora 11 : tar-1.22-5.fc11 (2010-4306)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0143.NASL
    description An updated cpio package that fixes one security issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of cpio are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46266
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46266
    title RHEL 4 : cpio (RHSA-2010:0143)
oval via4
  • accepted 2013-04-29T04:04:15.229-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
    family unix
    id oval:org.mitre.oval:def:10277
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
    version 24
  • accepted 2014-01-20T04:01:30.335-05:00
    class vulnerability
    contributors
    • name Varun
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
    family unix
    id oval:org.mitre.oval:def:6907
    status accepted
    submitted 2010-10-01T16:37:39.000-05:00
    title VMware ESX,Service Console update for cpio and tar.
    version 7
redhat via4
advisories
  • bugzilla
    id 564368
    title CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • comment tar is earlier than 0:1.14-13.el4_8.1
        oval oval:com.redhat.rhsa:tst:20100141002
      • comment tar is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20060749003
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • comment tar is earlier than 2:1.15.1-23.0.1.el5_4.2
        oval oval:com.redhat.rhsa:tst:20100141005
      • comment tar is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20070860006
    rhsa
    id RHSA-2010:0141
    released 2010-03-15
    severity Moderate
    title RHSA-2010:0141: tar security update (Moderate)
  • bugzilla
    id 564368
    title CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
    oval
    AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • comment tar is earlier than 0:1.13.25-16.RHEL3
      oval oval:com.redhat.rhsa:tst:20100142002
    • comment tar is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20060749003
    rhsa
    id RHSA-2010:0142
    released 2010-03-15
    severity Moderate
    title RHSA-2010:0142: tar security update (Moderate)
  • bugzilla
    id 564368
    title CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • comment cpio is earlier than 0:2.5-16.el4_8.1
      oval oval:com.redhat.rhsa:tst:20100143002
    • comment cpio is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20070245003
    rhsa
    id RHSA-2010:0143
    released 2010-03-15
    severity Moderate
    title RHSA-2010:0143: cpio security update (Moderate)
  • bugzilla
    id 564368
    title CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • comment cpio is earlier than 0:2.6-23.el5_4.1
      oval oval:com.redhat.rhsa:tst:20100144002
    • comment cpio is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhsa:tst:20100144003
    rhsa
    id RHSA-2010:0144
    released 2010-03-15
    severity Moderate
    title RHSA-2010:0144: cpio security update (Moderate)
  • bugzilla
    id 564368
    title CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
    oval
    AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • comment cpio is earlier than 0:2.5-6.RHEL3
      oval oval:com.redhat.rhsa:tst:20100145002
    • comment cpio is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20070245003
    rhsa
    id RHSA-2010:0145
    released 2010-03-15
    severity Moderate
    title RHSA-2010:0145: cpio security update (Moderate)
rpms
  • tar-0:1.14-13.el4_8.1
  • tar-2:1.15.1-23.0.1.el5_4.2
  • tar-0:1.13.25-16.RHEL3
  • cpio-0:2.5-16.el4_8.1
  • cpio-0:2.6-23.el5_4.1
  • cpio-0:2.5-6.RHEL3
refmap via4
bugtraq 20101027 rPSA-2010-0070-1 cpio tar
confirm
fedora
  • FEDORA-2010-2895
  • FEDORA-2010-4302
  • FEDORA-2010-4306
  • FEDORA-2010-4309
  • FEDORA-2010-4321
gentoo GLSA-201111-11
mandriva MDVSA-2010:065
misc http://www.agrs.tu-berlin.de/index.php?id=78327
osvdb 62950
secunia
  • 38869
  • 38988
  • 39008
suse SUSE-SR:2010:011
ubuntu USN-2456-1
vupen
  • ADV-2010-0628
  • ADV-2010-0629
  • ADV-2010-0639
  • ADV-2010-0687
  • ADV-2010-0728
  • ADV-2010-0729
  • ADV-2010-1107
Last major update 07-12-2016 - 22:01
Published 15-03-2010 - 09:28
Last modified 10-10-2018 - 15:53
Back to Top