Ubuntu Security Notice (C) 2006-2013 Canonical, Inc. / NASL script (C) 2007-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Teemu Salmela discovered that tar still handled the deprecated
GNUTYPE_NAMES record type. This record type could be used to create
symlinks that would be followed while unpacking a tar archive. If a
user or an automated system were tricked into unpacking a specially
crafted tar file, arbitrary files could be overwritten with user
Update the affected tar package.
Risk factor :
Medium / CVSS Base Score : 4.0
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 27968 ()
CVE ID: CVE-2006-6097