Test ID:	1.3.6.1.4.1.25623.1.0.56414
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200603-06 (tar)
Summary:	The remote host is missing updates announced in;advisory GLSA 200603-06.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200603-06. Vulnerability Insight: A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code. Solution: All GNU tar users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/tar-1.15.1-r1' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0300 1015705 http://securitytracker.com/id?1015705 16764 http://www.securityfocus.com/bid/16764 18973 http://secunia.com/advisories/18973 18976 http://secunia.com/advisories/18976 18999 http://secunia.com/advisories/18999 19016 http://secunia.com/advisories/19016 19093 http://secunia.com/advisories/19093 19130 http://secunia.com/advisories/19130 19152 http://secunia.com/advisories/19152 19236 http://secunia.com/advisories/19236 20042 http://secunia.com/advisories/20042 2006-0010 http://www.trustix.org/errata/2006/0010 23371 http://www.osvdb.org/23371 241646 http://sunsolve.sun.com/search/document.do?assetkey=1-26-241646-1 24479 http://secunia.com/advisories/24479 24966 http://secunia.com/advisories/24966 480 http://securityreason.com/securityalert/480 543 http://securityreason.com/securityalert/543 ADV-2006-0684 http://www.vupen.com/english/advisories/2006/0684 ADV-2007-0930 http://www.vupen.com/english/advisories/2007/0930 ADV-2007-1470 http://www.vupen.com/english/advisories/2007/1470 ADV-2008-2518 http://www.vupen.com/english/advisories/2008/2518 APPLE-SA-2007-03-13 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html APPLE-SA-2007-04-19 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html DSA-987 http://www.debian.org/security/2006/dsa-987 FLSA:183571-2 http://www.securityfocus.com/archive/1/430299/100/0/threaded GLSA-200603-06 http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml MDKSA-2006:046 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046 OpenPKG-SA-2006.006 http://www.openpkg.org/security/OpenPKG-SA-2006.006-tar.html RHSA-2006:0232 http://www.redhat.com/support/errata/RHSA-2006-0232.html SUSE-SR:2006:005 http://www.novell.com/linux/security/advisories/2006_05_sr.html TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html TA07-109A http://www.us-cert.gov/cas/techalerts/TA07-109A.html USN-257-1 https://usn.ubuntu.com/257-1/ [Bug-tar] 20060220 tar 1.15.90 released http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html gnu-tar-pax-headers-bo(24855) https://exchange.xforce.ibmcloud.com/vulnerabilities/24855 http://docs.info.apple.com/article.html?artnum=305214 http://docs.info.apple.com/article.html?artnum=305391 oval:org.mitre.oval:def:5252 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5252 oval:org.mitre.oval:def:5978 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5978 oval:org.mitre.oval:def:5993 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5993 oval:org.mitre.oval:def:6094 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6094 oval:org.mitre.oval:def:9295 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9295
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.