Bug#439335: CVE-2007-4131: GNU tar Directory Traversal
previously ... Nico Golde [EMAIL PROTECTED] [Sun, 9 Sep 2007 14:30:06 +0200]:
> Hi,
> * Sylvain Beucler [EMAIL PROTECTED] [2007-09-09 13:56]:
> > Was this forwarded to the Stable security team?
> > If I'm given a tarball that can replace /etc/passwd, I'd say this is a grave bug.
> This bug is monitored via the security tracker:
> http://security-tracker.debian.net/tracker/CVE-2007-4131
> So they should be aware of it.

Just noticed this going past in an OS X update and had a "whatever happened to that?" moment.

Regards,
Paddy

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#439335: CVE-2007-4131: GNU tar Directory Traversal
Hi,

Was this forwarded to the Stable security team?
If I'm given a tarball that can replace /etc/passwd, I'd say this is a grave bug.

Thanks,
-- 
Sylvain
Bug#439335: CVE-2007-4131: GNU tar Directory Traversal
Hi,
* Sylvain Beucler [EMAIL PROTECTED] [2007-09-09 13:56]:
> Was this forwarded to the Stable security team?
> If I'm given a tarball that can replace /etc/passwd, I'd say this is a grave bug.

This bug is monitored via the security tracker:
http://security-tracker.debian.net/tracker/CVE-2007-4131
So they should be aware of it.

Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
Bug#439335: CVE-2007-4131: GNU tar Directory Traversal Vulnerability
A user does not expect tar to allow absolute path names unless the -P option is given.
Bug#439335: CVE-2007-4131: GNU tar Directory Traversal Vulnerability
tags 439335 +pending
thanks

On Wed, 2007-08-29 at 20:50 +0200, Stefan Fritsch wrote:
> A user does not expect tar to allow absolute path names unless the -P option is given.

That's not a justification for severity 'grave' in the Debian BTS. However, regardless of what we think the appropriate bug severity is, I've just applied the patch in question in my tree and expect to upload it soonish.

Bdale
Bug#439335: CVE-2007-4131: GNU tar Directory Traversal Vulnerability
Package: tar
Version: 1.18-1
Severity: grave
Tags: security patch

From CVE-2007-4131:

> The vulnerability is caused due to an input validation error when extracting tar archives. This can be exploited to extract files to arbitrary locations outside the specified directory with the permissions of the user running GNU tar by using the .. directory traversal sequence in a specially crafted tar archive.

A patch is available in upstream CVS:
http://cvs.savannah.gnu.org/viewvc/tar/src/names.c?root=tar&r1=1.63&r2=1.64

The same portion of code is present also in versions 1.16 (stable) and 1.14 (oldstable), so this bug should probably be tracked and fixed there too. However I'm not sure if there are other patches already applied there to prevent this issue, so right now I'm reporting this bug for sid only.

Cheers, Luca

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.20-1-686 (SMP w/1 CPU core)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages tar depends on:
ii  libc6  2.6.1-1  GNU C Library: Shared libraries

tar recommends no packages.

-- no debconf information
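The expectation voiced in this thread (member names must not be absolute and must not escape the extraction directory through "..", unless the user opts in with -P) can be checked before an archive is ever unpacked. The following is an added example, not code from the bug report, from Debian, or from GNU tar; it goes a little beyond the page's ".." case by also checking symlink and hardlink targets and files written through an escaping symlink member. It uses Python's standard tarfile module, and every archive and member name in it is constructed in memory for the demonstration.

```python
"""Pre-extraction safety scan for tar archives.

Added example (not from the bug report or from GNU tar). It encodes the
expectation voiced in the thread: member names must not be absolute and must
not escape the extraction directory via "..", unless the user explicitly asks
for that (tar -P). Beyond the page's ".." case it also checks symlink and
hardlink targets, and files written through an escaping symlink member.
All archives below are constructed in memory; every member name is made up.
"""
import io
import posixpath
import tarfile


def escapes(path: str) -> bool:
    """True if `path` is absolute or, after normalisation, starts with '..'."""
    if path.startswith("/") or path.startswith("\\"):
        return True
    if len(path) >= 2 and path[1] == ":":       # Windows drive letter, e.g. C:\
        return True
    norm = posixpath.normpath(path)
    return norm == ".." or norm.startswith("../")


def unsafe_members(data: bytes) -> list[tuple[str, str]]:
    """Return (member name, reason) for every member that would land outside
    the extraction directory if the archive were unpacked as-is."""
    findings: list[tuple[str, str]] = []
    escaping_symlinks: set[str] = set()

    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        for m in tf.getmembers():
            name = posixpath.normpath(m.name)

            if escapes(m.name):
                findings.append((m.name, "absolute or parent-relative path"))
                continue

            # A later member whose path passes through an escaping symlink is
            # written outside the tree even though its own name looks clean.
            parts = name.split("/")
            prefixes = ("/".join(parts[:i]) for i in range(1, len(parts)))
            through = next((p for p in prefixes if p in escaping_symlinks), None)
            if through is not None:
                findings.append((m.name, f"path passes through escaping symlink {through}"))
                continue

            if m.issym():
                # Symlink targets are relative to the link's own directory.
                target = (m.linkname if m.linkname.startswith("/")
                          else posixpath.join(posixpath.dirname(m.name), m.linkname))
                if escapes(target):
                    findings.append((m.name, f"link target escapes: {m.linkname}"))
                    escaping_symlinks.add(name)
            elif m.islnk():
                # Hardlink targets are archive-relative paths.
                if escapes(m.linkname):
                    findings.append((m.name, f"link target escapes: {m.linkname}"))
    return findings


def build_archive(entries) -> bytes:
    """Construct a small tar archive in memory from (name, kind, linkname) tuples.
    kind is 'file', 'sym' or 'hard'. Used only to produce sample input."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, kind, link in entries:
            info = tarfile.TarInfo(name)
            if kind == "file":
                payload = b"sample\n"
                info.size = len(payload)
                tf.addfile(info, io.BytesIO(payload))
            else:
                info.type = tarfile.SYMTYPE if kind == "sym" else tarfile.LNKTYPE
                info.linkname = link
                tf.addfile(info)
    return buf.getvalue()


# Constructed sample: one benign member and five that should be refused.
SAMPLE = build_archive([
    ("pkg/README", "file", None),
    ("pkg/../../outside.txt", "file", None),   # ".." traversal, as in the CVE text
    ("/etc/hosts", "file", None),              # absolute name, the -P case
    ("pkg/link", "sym", "../../etc"),          # symlink pointing above the tree
    ("pkg/link/passwd", "file", None),         # file written through that symlink
    ("pkg/hard", "hard", "../secret"),         # hardlink to a path above the tree
])


if __name__ == "__main__":
    for member, reason in unsafe_members(SAMPLE):
        print(f"refuse {member!r}: {reason}")
```

Run the file directly to see the five refusals for the constructed sample; `unsafe_members()` returning an empty list is the condition under which a caller would go on to extract. Note that this scan only reads headers, so it costs nothing compared with extraction, and that it deliberately treats a symlink whose target leaves the tree as poisoning every later member written beneath it, which is the case a plain name check misses.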
Bug#439335: CVE-2007-4131: GNU tar Directory Traversal Vulnerability
On Fri, 2007-08-24 at 11:35 +0200, Luca Bruno wrote:
> Package: tar
> Version: 1.18-1
> Severity: grave

Why does this merit a 'grave' severity when there is no apparent priv escalation involved?

Bdale