GLSA-201611-19 : Tar: Extract pathname bypass

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-201611-19
(Tar: Extract pathname bypass)

Tar attempts to avoid path traversal attacks by removing offending parts
of the element name at extract. This sanitizing leads to a vulnerability
where the attacker can bypass the path name(s) specified on the command
line.

Impact :

The attacker can create a crafted tar archive that, if extracted by the
victim, replaces files and directories the victim has access to in the
target directory, regardless of the path name(s) specified on the command
line.

Workaround :

There is no known workaround at this time.

See also :

https://security.gentoo.org/glsa/201611-19

Solution :

All Tar users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-arch/tar-1.29-r1'

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

Family: Gentoo Local Security Checks

Nessus Plugin ID: 95270 ()

Bugtraq ID:

CVE ID: CVE-2016-6321

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now