[Pardus-security] [PLSA 2010-42] tar/cpio: Buffer Overflow

Eren Turkay eren at pardus.org.tr
Mon Mar 29 22:10:45 EEST 2010


------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-42            security at pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-03-29
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
=======

A heap-based buffer overflow has been fixed in the rmt client code shared by 
GNU tar and GNU cpio. A malicious remote rmt server can use it to crash the 
client or potentially run arbitrary code with the privileges of the user 
invoking tar or cpio. 


Description
===========

CVE-2010-0624: 

Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c (the 
rmt client code) in GNU tar before 1.23 and GNU cpio before 2.11. The client 
asks the remote rmt server for a given number of bytes but trusts the byte 
count in the server's reply, so a malicious server that returns more data 
than was requested can corrupt the heap, causing a denial of service or 
possibly arbitrary code execution. The rmt client is used when an archive 
filename contains a : (colon) character, which tar and cpio interpret as 
host:file. 

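The following is an added example, not code from the Pardus advisory or from 
GNU tar/cpio: a simplified model of how an rmt client consumes a READ reply 
("A<count>\n" followed by count bytes), with the unchecked copy beside a 
version that enforces the bound the fix added. The struct rmt_stream, the 
function names and the sample replies are constructed here; the colon rule in 
archive_name_is_remote is an approximation of tar's behaviour (a colon with 
no slash before it means "host:file"; --force-local is not modelled). 

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the pipe carrying the rmt server's output. */
struct rmt_stream {
    const char *data;   /* bytes the server has written */
    size_t len;
    size_t pos;
};

/* Read one newline-terminated status line; 0 on success, -1 on EOF/overlong. */
static int rmt_getline(struct rmt_stream *s, char *out, size_t outsz)
{
    size_t i = 0;
    while (s->pos < s->len) {
        char c = s->data[s->pos++];
        if (c == '\n') { out[i] = '\0'; return 0; }
        if (i + 1 >= outsz) return -1;          /* status line too long */
        out[i++] = c;
    }
    return -1;                                   /* EOF before newline */
}

/* Parse the "A<count>" acknowledgement; -1 if it is not a well-formed ack. */
long rmt_parse_ack(const char *line)
{
    char *end;
    long n;
    if (line[0] != 'A' || line[1] == '\0') return -1;
    errno = 0;
    n = strtol(line + 1, &end, 10);
    if (errno != 0 || *end != '\0' || n < 0) return -1;
    return n;
}

/* Shape of the bug (tar < 1.23, cpio < 2.11): the server's count is used as the
 * copy length into a buffer sized for `requested`, which is never consulted.
 * Shown for contrast only; with n > requested this writes past buf. */
long rmt_read_unchecked(struct rmt_stream *s, char *buf, size_t requested)
{
    char line[32];
    long n;
    (void)requested;                             /* the missing comparison */
    if (rmt_getline(s, line, sizeof line) < 0) { errno = EIO; return -1; }
    if ((n = rmt_parse_ack(line)) < 0)          { errno = EIO; return -1; }
    if ((size_t)n > s->len - s->pos)            { errno = EIO; return -1; }
    memcpy(buf, s->data + s->pos, (size_t)n);    /* overflow when n > requested */
    s->pos += (size_t)n;
    return n;
}

/* Fixed shape: reject any reply that claims more bytes than were requested. */
long rmt_read_checked(struct rmt_stream *s, char *buf, size_t requested)
{
    char line[32];
    long n;
    if (rmt_getline(s, line, sizeof line) < 0) { errno = EIO; return -1; }
    if ((n = rmt_parse_ack(line)) < 0)          { errno = EIO; return -1; }
    if ((size_t)n > requested)                  { errno = EIO; return -1; } /* the CVE-2010-0624 check */
    if ((size_t)n > s->len - s->pos)            { errno = EIO; return -1; }
    memcpy(buf, s->data + s->pos, (size_t)n);
    s->pos += (size_t)n;
    return n;
}

/* Approximation of why a colon matters: "host:file" selects the rmt path.
 * A '/' before the colon keeps the name local. */
int archive_name_is_remote(const char *name)
{
    const char *colon = strchr(name, ':');
    if (colon == NULL) return 0;
    return memchr(name, '/', (size_t)(colon - name)) == NULL;
}

/* Constructed malicious reply: acknowledges 16 bytes when only 8 were requested. */
static const char OVERSIZED_REPLY[] = "A16\n0123456789abcdef";

long demo_checked_rejects_oversized(void)
{
    struct rmt_stream s = { OVERSIZED_REPLY, sizeof OVERSIZED_REPLY - 1, 0 };
    char buf[8];
    return rmt_read_checked(&s, buf, sizeof buf);   /* -1: reply refused */
}

long demo_checked_accepts_exact(void)
{
    struct rmt_stream s = { "A8\n01234567", 11, 0 };
    char buf[8];
    return rmt_read_checked(&s, buf, sizeof buf);   /* 8 */
}

long demo_unchecked_in_bounds(void)
{
    struct rmt_stream s = { "A4\nabcd", 7, 0 };     /* benign reply, no overflow */
    char buf[8];
    return rmt_read_unchecked(&s, buf, sizeof buf); /* 4 */
}

int main(void)
{
    printf("checked, oversized reply: %ld\n", demo_checked_rejects_oversized());
    printf("checked, exact reply:     %ld\n", demo_checked_accepts_exact());
    printf("tapehost:/dev/nst0 remote? %d\n", archive_name_is_remote("tapehost:/dev/nst0"));
    printf("/backup/odd:name.tar remote? %d\n", archive_name_is_remote("/backup/odd:name.tar"));
    return 0;
}
```

The check that matters is the single comparison of the server-supplied count 
against the length the client asked for; everything the server sends after 
the status line must fit the caller's buffer, so a reply that does not is an 
error, not data. The colon helper shows why an archive name alone is enough 
to route tar or cpio through this code path. 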

Affected packages:

    tar-1.21-18-4, all before 2009

    cpio-2.9-9-5, all before 2009

    cpio-2.9-9-4, all before 2008

    tar-1.20-17-4, all before 2008



Resolution
==========

There are updates for tar-1.21-18-4, cpio-2.9-9-5, cpio-2.9-9-4 and 
tar-1.20-17-4. You can update them via Package Manager or with a single 
command from the console: 

    pisi up tar-1.21-18-4 cpio-2.9-9-5 cpio-2.9-9-4 tar-1.20-17-4

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=12435
  * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624
  * https://bugzilla.redhat.com/show_bug.cgi?id=564368

------------------------------------------------------------------------


