Family: Debian Local Security Checks --> Category: infos
[DSA1223] DSA-1223-1 tar Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Teemu Salmela discovered a vulnerability in GNU tar that could allow a
malicious user to overwrite arbitrary files by inducing the victim to
attempt to extract a specially crafted tar file containing a
GNUTYPE_NAMES record with a symbolic link.
For the stable distribution (sarge), this problem has been fixed in
For the unstable distribution (sid) and the forthcoming stable release
(etch), this problem will be fixed in version 1.16-2.
We recommend that you upgrade your tar package.
Solution: http://www.debian.org/security/2006/dsa-1223
Threat Level: High