CVE-2006-6097
CVE-2006-6097
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/29160unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.aschttp://docs.info.apple.com/article.html?artnum=305214http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.htmlhttp://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.htmlhttp://rhn.redhat.com/errata/RHSA-2006-0749.htmlhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937http://secunia.com/advisories/23115http://secunia.com/advisories/23117http://secunia.com/advisories/23142http://secunia.com/advisories/23146http://secunia.com/advisories/23163