(Sun Issues Fix for Solaris) Tar Buffer Overflow in Processing PAX Extended Headers May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1020830
SecurityTracker URL: http://securitytracker.com/id/1020830
CVE Reference: CVE-2006-0300
Updated: Apr 30 2009
Original Entry Date: Sep 9 2008
Impact:
Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 1.15.90
Description:
A vulnerability was reported in Tar. A remote user may be able to cause arbitrary code to be executed on the target system.
A remote user can create an archive containing specially crafted PAX extended headers that, when processed by the target user, will trigger a buffer overflow.
[Editor's note: The report did not indicate whether code execution is possible.]
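As an added, defensive illustration that is not part of this advisory and not code from Sun or GNU tar: a Python checker that parses PAX extended-header records with the length validation a boundary error in PAX header processing calls for, and reports any archive whose records declare lengths that do not fit the header data. The 512-byte block layout, the octal size field at offset 124 and the typeflag at offset 156 follow the POSIX ustar/pax format; the sample archives are constructed inline and carry no header checksum.

```python
BLOCK = 512

def parse_pax_records(data: bytes):
    """Parse PAX records ("<len> <key>=<value>" + newline); raise ValueError rather than trust a bad length."""
    records, pos, n = [], 0, len(data)
    while pos < n:
        sp = data.find(b" ", pos, min(pos + 20, n))        # decimal length is short
        if sp < 0 or not data[pos:sp].isdigit():
            raise ValueError(f"bad length field at offset {pos}")
        length = int(data[pos:sp])
        # Length must cover "<len> ", at least "k=", the newline, and stay inside the buffer.
        if length < (sp - pos) + 4 or pos + length > n:
            raise ValueError(f"record length {length} out of bounds at offset {pos}")
        rec = data[pos:pos + length]
        if rec[-1:] != b"\n":
            raise ValueError(f"record at offset {pos} is not newline-terminated")
        key, eq, value = rec[sp - pos + 1:-1].partition(b"=")
        if not eq or not key:
            raise ValueError(f"record at offset {pos} lacks key=value")
        records.append((key.decode("utf-8", "replace"), value.decode("utf-8", "replace")))
        pos += length
    return records

def scan_pax_headers(archive: bytes):
    """Walk a tar stream, validating every 'x'/'g' entry; returns (pax_entries, problems)."""
    problems, count, pos = [], 0, 0
    while pos + BLOCK <= len(archive):
        hdr = archive[pos:pos + BLOCK]
        if hdr == b"\0" * BLOCK:                            # end-of-archive marker
            break
        size_field = hdr[124:136].rstrip(b"\0 ")            # octal entry size
        try:
            size = int(size_field, 8) if size_field else 0
        except ValueError:
            return count, problems + [f"offset {pos}: unparsable size field"]
        if hdr[156:157] in (b"x", b"g"):                    # PAX extended / global header
            count += 1
            try:
                parse_pax_records(archive[pos + BLOCK:pos + BLOCK + size])
            except ValueError as exc:
                problems.append(f"offset {pos}: {exc}")
        pos += BLOCK * (1 + (size + BLOCK - 1) // BLOCK)     # header + padded data blocks
    return count, problems

def make_pax_entry(payload: bytes) -> bytes:
    """Constructed test input: one 'x' header block, padded payload, end-of-archive marker."""
    hdr = bytearray(BLOCK)
    hdr[124:136] = b"%011o\0" % len(payload)                # size field, octal
    hdr[156] = ord("x")                                     # typeflag: PAX extended header
    return bytes(hdr) + payload + b"\0" * (-len(payload) % BLOCK) + b"\0" * (2 * BLOCK)
```

Run `scan_pax_headers()` over an archive's bytes before handing it to an unpatched tar; a non-empty problem list means at least one extended header declares a record that does not fit its own data.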
Impact:
A remote user may be able to cause arbitrary code to be executed on the target system. However, the report did not confirm code execution.
Solution:
Sun has issued a fix for Solaris.
SPARC Platform
* Solaris 9 with patch 118191-02 or later
* Solaris 10 with patch 139099-01 or later
* OpenSolaris based upon build snv_81 or later
x86 Platform
* Solaris 9 with patch 118192-02 or later
* Solaris 10 with patch 139100-01 or later
* OpenSolaris based upon build snv_81 or later
The Sun advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-241646-1
Vendor URL: www.gnu.org/software/tar
Cause:
Boundary error
Underlying OS:
UNIX (Solaris - SunOS)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Tue, 9 Sep 2008 08:49:08 -0400
Subject: http://sunsolve.sun.com/search/document.do?assetkey=1-66-241646-1
CVE-2006-0300