National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2016-6321

Change History

Initial Analysis - 12/14/2016 11:58:46 AM

Action Type Old Value New Value
Changed Reference Type
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d No Types Assigned
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d Issue Tracking, Patch
Changed Reference Type
http://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html No Types Assigned
http://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html Mailing List, Vendor Advisory
Changed Reference Type
http://packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html No Types Assigned
http://packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html Third Party Advisory, VDB Entry, Exploit
Changed Reference Type
http://seclists.org/fulldisclosure/2016/Oct/102 No Types Assigned
http://seclists.org/fulldisclosure/2016/Oct/102 Third Party Advisory, Mailing List, Patch
Changed Reference Type
http://seclists.org/fulldisclosure/2016/Oct/96 No Types Assigned
http://seclists.org/fulldisclosure/2016/Oct/96 Third Party Advisory, Mailing List
Changed Reference Type
http://www.securityfocus.com/bid/93937 No Types Assigned
http://www.securityfocus.com/bid/93937 Third Party Advisory, VDB Entry
Changed Reference Type
https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt No Types Assigned
https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt Third Party Advisory
Added CWE
CWE-22
Added CVSS V2
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Added CVSS V3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Added CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:gnu:tar:1.24:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.25:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.26:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.27:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.27.1:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.28:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.29:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.14:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.15:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.15.90:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.15.91:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.16.1:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.17:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.18:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.19:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.20:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.21:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.22:*:*:*:*:*:*:*
          *cpe:2.3:a:gnu:tar:1.23:*:*:*:*:*:*:*