Oval Definition:	oval:org.mitre.oval:def:7779
Revision Date: 2010-06-07 Version: 17 Title: Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS) Description: Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-4131 Platform(s): Sun Solaris 10 Sun Solaris 9 Product(s): Definition Synopsis Solaris 9 (SPARC) meets Sun Alert 273551 Solaris 9 (SPARC) is installed AND NOT Patch 118191-04 or later installed OR Solaris 10 (SPARC) meets Sun Alert 273551 Solaris 10 (SPARC) is installed AND NOT Patch 139099-03 or later installed OR Solaris 9 (x86) meets Sun Alert 273551 Solaris 9 (x86) is installed AND NOT Patch 118192-04 or later installed OR Solaris 10 (x86) meets Sun Alert 273551 Solaris 10 (x86) is installed AND NOT Patch 139100-03 or later installed
BACK