GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Tue Nov 22, 2016 4:26 pm Post subject: [ GLSA 201611-19 ] Tar |
|
|
Gentoo Linux Security Advisory
Title: Tar: Extract pathname bypass (GLSA 201611-19)
Severity: normal
Exploitable: remote
Date: November 22, 2016
Bug(s): #598334
ID: 201611-19
Synopsis
A path traversal attack in Tar may lead to the remote execution of
arbitrary code.
Background
The Tar program provides the ability to create and manipulate tar
archives.
Affected Packages
Package: app-arch/tar
Vulnerable: < 1.29-r1
Unaffected: >= 1.29-r1
Architectures: All supported architectures
Description
Tar attempts to avoid path traversal attacks by removing offending parts
of the element name at extract. This sanitizing leads to a vulnerability
where the attacker can bypass the path name(s) specified on the command
line.
Impact
The attacker can create a crafted tar archive that, if extracted by the
victim, replaces files and directories the victim has access to in the
target directory, regardless of the path name(s) specified on the command
line.
Workaround
There is no known workaround at this time.
Resolution
All Tar users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/tar-1.29-r1"
|
References
CVE-2016-6321 |
|