[SMGLSA-2006-19] tar: Buffer overflow via unspecif: msg#00002

-->

[SMGLSA-2006-19] tar: Buffer overflow via unspecified vectors involving PAX: msg#00002

Subject:	[SMGLSA-2006-19] tar: Buffer overflow via unspecified vectors involving PAX extended headers

Summary
============

Buffer overflow in tar 1.14 through 1.15.90 allows user-complicit
attackers to cause a denial of service (application crash) and possibly
execute code via unspecified vectors involving PAX extended headers.

Impact
=================
Allows user-complicit attackers to cause a denial of service
(application crash) and possibly execute code via unspecified vectors
involving PAX extended headers.

Solution:
=========
Update tar as soon as possible.

Resolution
==========
All tar users should upgrade to the latest available version:
        # scribe update
        # cast -c tar

References
============
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300

signature.asc
Description: PGP signature

Special educational offers, white papers, webcasts, podcasts

WEBCAST: Offshore software development: Making it a success with agile practices. Register Now:

WEBCAST: IBM WebSphere Portal V6.1 Web 2.0 Capabilities. Register Now:

WHITE PAPER: Best practices for software analysis (Best Practices)

DOWNLOAD NEW E-KIT: Download the IBM pureXML Developers Kit:

DOWNLOAD: Rational Trial Software – Rational Team Concert Free Information:

TUTORIAL: Debug iPhone Web applications with Eclipse

<Prev in Thread]	Current Thread	[Next in Thread>

Previous by Date:	[SMGLSA 2006-18] freeciv: remote denial of service attack, Andraž \"ruskie\" Levstik
Next by Date:	[SMGLSA-2006-20] firefox/seamonkey: multiple vulnerabilities, Arwed von Merkatz
Previous by Thread:	[SMGLSA 2006-18] freeciv: remote denial of service attack, Andraž \"ruskie\" Levstik
Next by Thread:	[SMGLSA-2006-20] firefox/seamonkey: multiple vulnerabilities, Arwed von Merkatz
Indexes:	[Date] [Thread] [Top] [All Lists]

^^^ ADDITIONAL NAVIGATION ^^^

Recently Viewed:
handhelds.pocke... colinux.general... apache.maven.no... kde.freebsd/200... emacs.devel/200... qnx.openqnx.dev... lib.fox-toolkit... genealogy.gramp... bug-tracking.gn... yellowdog.gener... network.zebra.b... recreation.radi... mathematics.aba... internationaliz... freebsd.devel.n... xfree86.cvs/200... security.cyrus.... desktop.xfce.de... text.xml.french... video.gimp.deve... windows.devel.d... politics.activi... user-groups.lin... java.ejb.middle...

Home | blog view | USPTO Patent Archive (NEW!) | advertise | OSDir is an inevitable website. super tiny logo