|
Family: Ubuntu Local Security Checks --> Category: infos
USN257-1 : tar vulnerability Vulnerability Scan
Vulnerability Scan Summary tar vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "tar" is missing a security patch.
Description :
Jim Meyering discovered that tar did not properly verify the validity
of certain header fields in a GNU tar archive. By tricking an user
into processing a specially crafted tar archive, this could be
exploited to execute arbitrary code with the rights of the user.
The tar version in Ubuntu 4.10 is not affected by this vulnerability.
Solution :
Upgrade to :
- tar-1.15.1-2ubuntu0.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|