Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.57660
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2006-42 (tar)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to tar
announced via advisory TLSA-2006-42.

The program saves many files together into a single tape or disk
archive, and can restore individual files from the archive. It
includes multivolume support, the ability to archive sparse files,
automatic archive compression/decompression, remote archives and
special features that allow 'tar' to be used for incremental and full backups.

The tar allows attackers to overwrite arbitrary files
via a symbolic link attack.

This vulnerability may allow attackers to overwrite arbitrary files
via a symbolic link attack.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2006-42

Risk factor : Medium

CVSS Score:
4.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-6097
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
BugTraq ID: 21235
http://www.securityfocus.com/bid/21235
Bugtraq: 20061201 rPSA-2006-0222-1 tar (Google Search)
http://www.securityfocus.com/archive/1/453286/100/0/threaded
Bugtraq: 20070330 VMSA-2007-0002 VMware ESX security updates (Google Search)
http://www.securityfocus.com/archive/1/464268/100/0/threaded
Cert/CC Advisory: TA07-072A
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Debian Security Information: DSA-1223 (Google Search)
http://www.debian.org/security/2006/dsa-1223
FreeBSD Security Advisory: FreeBSD-SA-06:26
http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc
http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html
http://security.gentoo.org/glsa/glsa-200612-10.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:219
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963
RedHat Security Advisories: RHSA-2006:0749
http://rhn.redhat.com/errata/RHSA-2006-0749.html
http://securitytracker.com/id?1017423
http://secunia.com/advisories/23115
http://secunia.com/advisories/23117
http://secunia.com/advisories/23142
http://secunia.com/advisories/23146
http://secunia.com/advisories/23163
http://secunia.com/advisories/23173
http://secunia.com/advisories/23198
http://secunia.com/advisories/23209
http://secunia.com/advisories/23314
http://secunia.com/advisories/23443
http://secunia.com/advisories/23514
http://secunia.com/advisories/23911
http://secunia.com/advisories/24479
http://secunia.com/advisories/24636
SGI Security Advisory: 20061202-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379
http://securityreason.com/securityalert/1918
http://www.trustix.org/errata/2006/0068/
http://www.ubuntu.com/usn/usn-385-1
http://www.vupen.com/english/advisories/2006/4717
http://www.vupen.com/english/advisories/2006/5102
http://www.vupen.com/english/advisories/2007/0930
http://www.vupen.com/english/advisories/2007/1171
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.