CVE-2006-6097

Severity

40%

Complexity

49%

Confidentiality

81%

GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.

GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:P).

Overview

Type

GNU tar

First reported 18 years ago

2006-11-24 18:07:00

Last updated 6 years ago

2018-10-17 21:46:00

Affected Software

GNU tar 1.15.1

1.15.1

GNU tar 1.16

1.16

References

20061202-01-P

http://docs.info.apple.com/article.html?artnum=305214

http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html

APPLE-SA-2007-03-13

20061121 GNU tar directory traversal

Exploit

RHSA-2006:0749

23115

23117

23142

23146

23163

23173

23198

23209

23314

23443

23514

23911

24479

24636

FreeBSD-SA-06:26

GLSA-200612-10

1918

1017423

SSA:2006-335-01

http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm

DSA-1223

MDKSA-2006:219

OpenPKG-SA-2006.038

20061201 rPSA-2006-0222-1 tar

20070330 VMSA-2007-0002 VMware ESX security updates

21235

Exploit

2006-0068

USN-385-1

TA07-072A

US Government Resource

http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html

ADV-2006-4717

ADV-2006-5102

ADV-2007-0930

ADV-2007-1171

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937

Exploit

https://issues.rpath.com/browse/RPL-821

oval:org.mitre.oval:def:10963

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.