Test ID:	1.3.6.1.4.1.25623.1.0.59595
Category:	Fedora Local Security Checks
Title:	Fedora Core 6 FEDORA-2007-683 (tar)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to tar announced via advisory FEDORA-2007-683. The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/decompression, the ability to perform remote archives, and the ability to perform incremental and full backups. If you want to use tar for remote backups, you also need to install the rmt package. * Wed Aug 29 2007 Radek Brich 2:1.15.1-26 - Fix CVE-2007-4131 tar directory traversal vulnerability (#253685) Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-683 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4131 1018599 http://www.securitytracker.com/id?1018599 1021680 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1 2007-0026 http://www.trustix.org/errata/2007/0026/ 20070825 rPSA-2007-0172-1 tar http://www.securityfocus.com/archive/1/477731/100/0/threaded 20070827 FLEA-2007-0049-1 tar http://www.securityfocus.com/archive/1/477865/100/0/threaded 25417 http://www.securityfocus.com/bid/25417 26573 http://secunia.com/advisories/26573 26590 http://secunia.com/advisories/26590 26603 http://secunia.com/advisories/26603 26604 http://secunia.com/advisories/26604 26655 http://secunia.com/advisories/26655 26673 http://secunia.com/advisories/26673 26674 http://secunia.com/advisories/26674 26781 http://secunia.com/advisories/26781 26822 http://secunia.com/advisories/26822 26984 http://secunia.com/advisories/26984 27453 http://secunia.com/advisories/27453 27861 http://secunia.com/advisories/27861 28136 http://secunia.com/advisories/28136 28255 http://secunia.com/advisories/28255 ADV-2007-2958 http://www.vupen.com/english/advisories/2007/2958 ADV-2007-4238 http://www.vupen.com/english/advisories/2007/4238 APPLE-SA-2007-12-17 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html DSA-1438 http://www.debian.org/security/2007/dsa-1438 FEDORA-2007-2673 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html FreeBSD-SA-07:10 http://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc GLSA-200709-09 http://security.gentoo.org/glsa/glsa-200709-09.xml MDKSA-2007:173 http://www.mandriva.com/security/advisories?name=MDKSA-2007:173 RHSA-2007:0860 http://www.redhat.com/support/errata/RHSA-2007-0860.html SUSE-SR:2007:018 http://www.novell.com/linux/security/advisories/2007_18_sr.html TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html USN-506-1 http://www.ubuntu.com/usn/usn-506-1 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921 http://docs.info.apple.com/article.html?artnum=307179 http://support.avaya.com/elmodocs2/security/ASA-2007-383.htm https://issues.rpath.com/browse/RPL-1631 oval:org.mitre.oval:def:10420 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10420 oval:org.mitre.oval:def:7779 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7779
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.