National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:gnu:tar:1.13.25
There are 8 matching records.
Vuln ID Summary CVSS Severity

pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.

Published: March 22, 2019; 04:29:00 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).

Published: December 26, 2018; 01:29:00 PM -05:00
V3.0: 4.7 MEDIUM
    V2: 1.9 LOW

Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.

Published: March 15, 2010; 09:28:25 AM -04:00
    V2: 6.8 MEDIUM

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

Published: September 04, 2007; 09:17:00 PM -04:00
    V2: 7.5 HIGH

Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

Published: August 24, 2007; 08:17:00 PM -04:00
    V2: 6.8 MEDIUM

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".

Published: December 31, 2005; 12:00:00 AM -05:00
    V2: 2.6 LOW

GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.

Published: October 28, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM

Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.

Published: October 10, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM