Vulnerability CVE-2007-4476

Vulnerability Name:

CVE-2007-4476 (CCN-36395)

Assigned:

2007-08-17

Published:

2007-08-17

Updated:

2021-05-17

Summary:

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

2.6 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
1.9 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Type:

CWE-119
CWE-noinfo

Vulnerability Consequences:

Denial of Service

References:

Source: CONFIRM
Type: Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=196978

Source: MITRE
Type: CNA
CVE-2007-4476

Source: CONFIRM
Type: Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691

Source: CONFIRM
Type: Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: CCN
Type: RHSA-2010-0141
Moderate: tar security update

Source: CCN
Type: RHSA-2010-0144
Moderate: cpio security update

Source: SECUNIA
Type: Patch, Third Party Advisory
26674

Source: SECUNIA
Type: Third Party Advisory
26987

Source: SECUNIA
Type: Third Party Advisory
27331

Source: SECUNIA
Type: Third Party Advisory
27453

Source: SECUNIA
Type: Third Party Advisory
27514

Source: SECUNIA
Type: Third Party Advisory
27681

Source: SECUNIA
Type: Third Party Advisory
27857

Source: SECUNIA
Type: Third Party Advisory
28255

Source: SECUNIA
Type: Third Party Advisory
29968

Source: SECUNIA
Type: Third Party Advisory
32051

Source: SECUNIA
Type: Third Party Advisory
33567

Source: SECUNIA
Type: Third Party Advisory
39008

Source: GENTOO
Type: Third Party Advisory
GLSA-200711-18

Source: SUNALERT
Type: Broken Link
1021680

Source: DEBIAN
Type: Third Party Advisory
DSA-1438

Source: DEBIAN
Type: Third Party Advisory
DSA-1566

Source: DEBIAN
Type: DSA-1438
tar -- several vulnerabilities

Source: DEBIAN
Type: DSA-1566
cpio -- programming error

Source: CCN
Type: GLSA-200711-18
Cpio: Buffer overflow

Source: CCN
Type: GNU tar Web site
Tar - GNU Project - Free Software Foundation (FSF)

Source: MANDRIVA
Type: Broken Link
MDKSA-2007:197

Source: MANDRIVA
Type: Broken Link
MDKSA-2007:233

Source: SUSE
Type: Broken Link
SUSE-SR:2007:018

Source: SUSE
Type: Broken Link
SUSE-SR:2007:019

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0141

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0144

Source: BID
Type: Third Party Advisory, VDB Entry
26445

Source: CCN
Type: BID-26445
GNU TAR and CPIO safer_name_suffix Remote Denial of Service Vulnerability

Source: CCN
Type: USN-650-1
cpio vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-650-1

Source: CCN
Type: USN-709-1
tar vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-709-1

Source: VUPEN
Type: Permissions Required
ADV-2010-0628

Source: VUPEN
Type: Permissions Required
ADV-2010-0629

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=280961

Source: XF
Type: UNKNOWN
gnutar-safernamesuffix-dos(36395)

Source: CONFIRM
Type: Broken Link
https://issues.rpath.com/browse/RPL-1861

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:7114

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:8599

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:9336

Source: FEDORA
Type: Third Party Advisory
FEDORA-2007-735

Source: FEDORA
Type: Third Party Advisory
FEDORA-2007-2673

Source: SUSE
Type: SUSE-SR:2007:018
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2007:019
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:tar:*:*:*:*:*:*:*:* (Version < 1.19:)

Configuration 2:

cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Denotes that component is vulnerable

Vulnerability Name:

CVE-2007-4476 (CCN-54534)

Assigned:

2007-08-17

Published:

2007-08-17

Updated:

2009-12-02

Summary:

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

2.6 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
2.0 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2007-4476

Source: CCN
Type: RHSA-2010-0141
Moderate: tar security update

Source: CCN
Type: RHSA-2010-0144
Moderate: cpio security update

Source: CCN
Type: SA37594
Sun Solaris GNU tar Archive Parsing Vulnerabilities

Source: CCN
Type: Sun Alert ID: 273551
Two Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS)

Source: DEBIAN
Type: DSA-1438
tar -- several vulnerabilities

Source: DEBIAN
Type: DSA-1566
cpio -- programming error

Source: CCN
Type: BID-26445
GNU TAR and CPIO safer_name_suffix Remote Denial of Service Vulnerability

Source: CCN
Type: USN-650-1
cpio vulnerability

Source: CCN
Type: USN-709-1
tar vulnerability

Source: XF
Type: UNKNOWN
solaris-gnu-tar-bo(54534)

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/o:sun:opensolaris:build_snv_89:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_89:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_95::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_95::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_01:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_02:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_13:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_19:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_22:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_39:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_47:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_64:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79b:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_88:*:x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_01:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_02:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_13:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_19:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_22:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_39:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_47:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_64:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79b:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_88:*:sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_03::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_04::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_05::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_06::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_07::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_08::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_09::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_10::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_11::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_12::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_14::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_15::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_16::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_18::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_20::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_21::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_24::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_25::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_26::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_27::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_28::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_29::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_31::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_32::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_33::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_34::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_35::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_37::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_41::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_43::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_44::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_45::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_48::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_50::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_53::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_54::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_56::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_58::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_59::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_60::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_62::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_65::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_68::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_69::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_72::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_75::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_76::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_78::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_81::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_82::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_84::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_85::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_87::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_86::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_17::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_23::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_30::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_36::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_38::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_42::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_46::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_49::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_51::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_52::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_55::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_57::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_61::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_63::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_66::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_67::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_70::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_71::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_73::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_74::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_77::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_83::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_03::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_04::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_05::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_06::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_07::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_15::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_08::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_14::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_11::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_17::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_12::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_09::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_16::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_10::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_21::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_20::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_27::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_26::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_25::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_24::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_23::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_18::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_28::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_33::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_34::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_35::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_36::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_32::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_37::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_31::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_30::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_29::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_40::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_41::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_42::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_43::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_44::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_38::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_45::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_46::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_48::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_55::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_54::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_50::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_57::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_49::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_56::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_52::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_51::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_53::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_67::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_66::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_59::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_65::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_58::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_61::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_63::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_60::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_62::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_71::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_68::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_72::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_77::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_70::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_74::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_73::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_76::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_69::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_75::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_78::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_84::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_83::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_86::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_85::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_87::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_80::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_82::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_81::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_100::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_100::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_102::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_102::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_80::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_91::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_91::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_90::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_90::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_40::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_104::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_104::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_101::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_101::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_105::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_105::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_92::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_92::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_93::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_94::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_99::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_98::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_97::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_96::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_94::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_93::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_99::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_97::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_98::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_96::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_103::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_103::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_106::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_106::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_107::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_107::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_108::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_109::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_110::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_108::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_109::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_110::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_111::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_111::x86:*:*:*:*:*

AND

cpe:/o:sun:solaris:9:*:x86:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10:*:sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10:*:x86:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*

OR cpe:/o:sun:solaris:9:*:sparc:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20074476	V	CVE-2007-4476	2015-11-16
oval:org.mitre.oval:def:17789	P	USN-650-1 -- cpio vulnerability	2014-07-21
oval:org.mitre.oval:def:13929	P	USN-709-1 -- tar vulnerability	2014-06-30
oval:org.mitre.oval:def:20059	P	DSA-1438-1 tar	2014-06-23
oval:org.mitre.oval:def:8098	P	DSA-1566 cpio -- programming error	2014-06-23
oval:org.mitre.oval:def:18211	P	DSA-1566-1 cpio - programming error	2014-06-23
oval:org.mitre.oval:def:22400	P	ELSA-2010:0141: tar security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:22814	P	ELSA-2010:0144: cpio security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:21485	P	RHSA-2010:0144: cpio security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:22152	P	RHSA-2010:0141: tar security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:7114	V	VMware ESX,Service Console update for cpio and tar.	2014-01-20
oval:org.mitre.oval:def:9336	V	Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."	2013-04-29
oval:org.mitre.oval:def:8599	V	Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS)	2010-06-07
oval:com.redhat.rhsa:def:20100144	P	RHSA-2010:0144: cpio security update (Moderate)	2010-03-16
oval:com.redhat.rhsa:def:20100141	P	RHSA-2010:0141: tar security update (Moderate)	2010-03-15
oval:org.debian:def:1566	V	programming error	2008-05-02
oval:org.debian:def:1438	V	several vulnerabilities	2007-12-28

BACK