Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2006-0749: tar

Vulnerability Assessment Details

RHSA-2006-0749: tar
Vulnerability Assessment Summary
Check for the version of the tar packages

Detailed Explanation for this Vulnerability Assessment


Updated tar packages that fix a path traversal flaw are now available.

This update has been rated as having moderate security impact by the Red
Hat
Security Response Team.

The GNU tar program saves many files together in one archive and can
restore individual files (or all of the files) from that archive.

Teemu Salmela discovered a path traversal flaw in the way GNU tar extracted
archives. A malicious user could create a tar archive that could write to
arbitrary files to which the user running GNU tar has write access.
(CVE-2006-6097)

Users of tar should upgrade to this updated package, which contains a
replacement backported patch to correct this issue.




Solution : http://rhn.redhat.com/errata/RHSA-2006-0749.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security
Cables, Connectors


HP PROLIANT MICROSERVER MICRO SERVER HSTNS-5151 T4 Used. picture

HP PROLIANT MICROSERVER MICRO SERVER HSTNS-5151 T4 Used.

$45.00


HP ProLiant Xeon E3-1220L V2 16 GB RAM 2.30 GHz MicroServer Gen8 NO DRIVES picture

HP ProLiant Xeon E3-1220L V2 16 GB RAM 2.30 GHz MicroServer Gen8 NO DRIVES

$174.99


HPE PROLIANT MICROSERVER GEN10 PLUS MICRO TOWER SERVER - USED picture

HPE PROLIANT MICROSERVER GEN10 PLUS MICRO TOWER SERVER - USED

$550.00


Supermicro Server Tower Xeon BOOTS E5-2620 v4 2.10GHz 64GB RAM NO HDD NO OS picture

Supermicro Server Tower Xeon BOOTS E5-2620 v4 2.10GHz 64GB RAM NO HDD NO OS

$199.99


SuperMicro Server 505-2 Intel Atom 2.4GHz 8GB RAM SYS-5018A-FTN4 1U Rackmount picture

SuperMicro Server 505-2 Intel Atom 2.4GHz 8GB RAM SYS-5018A-FTN4 1U Rackmount

$202.49


HPE Proliant Microserver Gen10 X3421 Perf AMS, P03698-S01, 16GB Ram picture

HPE Proliant Microserver Gen10 X3421 Perf AMS, P03698-S01, 16GB Ram

$299.00


HP ProLiant HSTNS-5151 Micro Server 8GB RAM No Drives/Key/Caddies *READ* picture

HP ProLiant HSTNS-5151 Micro Server 8GB RAM No Drives/Key/Caddies *READ*

$94.99


HP/HPE ProLiant AMD Opteron X3216 APU 16 GB RAM MicroServer Gen 10 NO DRIVES picture

HP/HPE ProLiant AMD Opteron X3216 APU 16 GB RAM MicroServer Gen 10 NO DRIVES

$299.99


1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE picture

1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE

$297.00


2U 12 Bay SAS3 SuperMicro Server 6028U-TR4T+ W/ X10DRU-i+ Barebone 12 Caddy RAIL picture

2U 12 Bay SAS3 SuperMicro Server 6028U-TR4T+ W/ X10DRU-i+ Barebone 12 Caddy RAIL

$299.00


Discussions

No Discussions have been posted on this vulnerability.