CVE ID:	CVE-2006-0300
Description:	Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
Test IDs:	1.3.6.1.4.1.25623.1.0.56505   1.3.6.1.4.1.25623.1.0.855115   1.3.6.1.4.1.25623.1.0.56599   1.3.6.1.4.1.25623.1.0.855178   1.3.6.1.4.1.25623.1.0.855413   1.3.6.1.4.1.25623.1.0.56339   1.3.6.1.4.1.25623.1.0.56350   1.3.6.1.4.1.25623.1.0.62604   1.3.6.1.4.1.25623.1.0.855433   1.3.6.1.4.1.25623.1.0.855295   1.3.6.1.4.1.25623.1.0.56340   1.3.6.1.4.1.25623.1.0.855348   1.3.6.1.4.1.25623.1.0.56414   1.3.6.1.4.1.25623.1.0.56393
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0300 http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html Debian Security Information: DSA-987 (Google Search) http://www.debian.org/security/2006/dsa-987 http://www.securityfocus.com/archive/1/archive/1/430299/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046 http://www.openpkg.org/security/OpenPKG-SA-2006.006-tar.html RedHat Security Advisories: RHSA-2006:0232 http://www.redhat.com/support/errata/RHSA-2006-0232.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-241646-1 SuSE Security Announcement: SUSE-SR:2006:005 (Google Search) http://www.novell.com/linux/security/advisories/2006_05_sr.html http://www.trustix.org/errata/2006/0010 http://www.ubuntulinux.org/support/documentation/usn/usn-257-1 Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html Cert/CC Advisory: TA07-109A http://www.us-cert.gov/cas/techalerts/TA07-109A.html BugTraq ID: 16764 http://www.securityfocus.com/bid/16764 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5252 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5978 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5993 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6094 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9295 http://www.vupen.com/english/advisories/2006/0684 http://www.vupen.com/english/advisories/2007/0930 http://www.vupen.com/english/advisories/2007/1470 http://www.vupen.com/english/advisories/2008/2518 http://www.osvdb.org/23371 http://securitytracker.com/id?1015705 http://secunia.com/advisories/18976 http://secunia.com/advisories/18973 http://secunia.com/advisories/18999 http://secunia.com/advisories/19093 http://secunia.com/advisories/19130 http://secunia.com/advisories/19152 http://secunia.com/advisories/19236 http://secunia.com/advisories/19016 http://secunia.com/advisories/20042 http://secunia.com/advisories/24479 http://secunia.com/advisories/24966 http://securityreason.com/securityalert/480 http://securityreason.com/securityalert/543 XForce ISS Database: gnu-tar-pax-headers-bo(24855) http://xforce.iss.net/xforce/xfdb/24855

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: