ID de Prueba:	1.3.6.1.4.1.25623.1.0.59931
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Security Advisory (FreeBSD-SA-07:10.gtar.asc)
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-07:10.gtar.asc
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:10.gtar.asc Vulnerability Insight: GNU tar (gtar) is a utility to create and extract tape archives, commonly known as tar files. GNU tar is included in FreeBSD 5.x as /usr/bin/gtar. Insufficient sanity checking of paths containing '.' and '..' allows gtar to overwrite arbitrary files on the system. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4131 1018599 http://www.securitytracker.com/id?1018599 1021680 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1 2007-0026 http://www.trustix.org/errata/2007/0026/ 20070825 rPSA-2007-0172-1 tar http://www.securityfocus.com/archive/1/477731/100/0/threaded 20070827 FLEA-2007-0049-1 tar http://www.securityfocus.com/archive/1/477865/100/0/threaded 25417 http://www.securityfocus.com/bid/25417 26573 http://secunia.com/advisories/26573 26590 http://secunia.com/advisories/26590 26603 http://secunia.com/advisories/26603 26604 http://secunia.com/advisories/26604 26655 http://secunia.com/advisories/26655 26673 http://secunia.com/advisories/26673 26674 http://secunia.com/advisories/26674 26781 http://secunia.com/advisories/26781 26822 http://secunia.com/advisories/26822 26984 http://secunia.com/advisories/26984 27453 http://secunia.com/advisories/27453 27861 http://secunia.com/advisories/27861 28136 http://secunia.com/advisories/28136 28255 http://secunia.com/advisories/28255 ADV-2007-2958 http://www.vupen.com/english/advisories/2007/2958 ADV-2007-4238 http://www.vupen.com/english/advisories/2007/4238 APPLE-SA-2007-12-17 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html DSA-1438 http://www.debian.org/security/2007/dsa-1438 FEDORA-2007-2673 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html FreeBSD-SA-07:10 http://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc GLSA-200709-09 http://security.gentoo.org/glsa/glsa-200709-09.xml MDKSA-2007:173 http://www.mandriva.com/security/advisories?name=MDKSA-2007:173 RHSA-2007:0860 http://www.redhat.com/support/errata/RHSA-2007-0860.html SUSE-SR:2007:018 http://www.novell.com/linux/security/advisories/2007_18_sr.html TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html USN-506-1 http://www.ubuntu.com/usn/usn-506-1 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921 http://docs.info.apple.com/article.html?artnum=307179 http://support.avaya.com/elmodocs2/security/ASA-2007-383.htm https://issues.rpath.com/browse/RPL-1631 oval:org.mitre.oval:def:10420 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10420 oval:org.mitre.oval:def:7779 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7779
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.