Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200612-10 (tar)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.57949
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200612-10 (tar)
Summary:	The remote host is missing updates announced in;advisory GLSA 200612-10.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200612-10. Vulnerability Insight: Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files. Solution: All Tar users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/tar-1.16-r2' CVSS Score: 4.0 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6097 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 21235 http://www.securityfocus.com/bid/21235 Bugtraq: 20061201 rPSA-2006-0222-1 tar (Google Search) http://www.securityfocus.com/archive/1/453286/100/0/threaded Bugtraq: 20070330 VMSA-2007-0002 VMware ESX security updates (Google Search) http://www.securityfocus.com/archive/1/464268/100/0/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html Debian Security Information: DSA-1223 (Google Search) http://www.debian.org/security/2006/dsa-1223 FreeBSD Security Advisory: FreeBSD-SA-06:26 http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html http://security.gentoo.org/glsa/glsa-200612-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:219 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937 http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963 RedHat Security Advisories: RHSA-2006:0749 http://rhn.redhat.com/errata/RHSA-2006-0749.html http://securitytracker.com/id?1017423 http://secunia.com/advisories/23115 http://secunia.com/advisories/23117 http://secunia.com/advisories/23142 http://secunia.com/advisories/23146 http://secunia.com/advisories/23163 http://secunia.com/advisories/23173 http://secunia.com/advisories/23198 http://secunia.com/advisories/23209 http://secunia.com/advisories/23314 http://secunia.com/advisories/23443 http://secunia.com/advisories/23514 http://secunia.com/advisories/23911 http://secunia.com/advisories/24479 http://secunia.com/advisories/24636 SGI Security Advisory: 20061202-01-P ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379 http://securityreason.com/securityalert/1918 http://www.trustix.org/errata/2006/0068/ http://www.ubuntu.com/usn/usn-385-1 http://www.vupen.com/english/advisories/2006/4717 http://www.vupen.com/english/advisories/2006/5102 http://www.vupen.com/english/advisories/2007/0930 http://www.vupen.com/english/advisories/2007/1171
Copyright	Copyright (C) 2008 E-Soft Inc.