Oval Definition:	oval:org.mitre.oval:def:22513
Revision Date: 2014-05-26 Version: 13 Title: ELSA-2007:0860: tar security update (Moderate) Description: Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2007-4131 ELSA-2007:0860-02 Platform(s): Oracle Linux 5 Product(s): tar Definition Synopsis Oracle Linux 5.x AND tar is earlier than 2:1.15.1-23.0.1.el5
BACK