GNU Tar contains_dot_dot函数远程目录遍历漏洞

admin
admin
admin
0
文章
0
评论
2022-07-23 04:41:51 CNNVD漏洞 来源:ZONE.CI 全球网 0 阅读模式

漏洞信息详情

GNU Tar contains_dot_dot函数远程目录遍历漏洞

  • CNNVD编号:CNNVD-200708-400
  • 危害等级: 中危
  • CVE编号: CVE-2007-4131
  • 漏洞类型: 路径遍历
  • 发布时间: 2007-08-24
  • 威胁类型: 远程
  • 更新时间: 2007-08-28
  • 厂        商: rpath
  • 漏洞来源: Tomas Hoger※ thoge...

漏洞简介

GNU tar可创建和解压tar文档,并进行各种存档文件管理。

GNU tar在处理符号链接时存在漏洞,本地攻击者可能利用此漏洞提升权限或破坏文件。

GNU tar的contains_dot_dot函数没有正确地检查目录符号链接的名称,恶意用户所创建tar文档可以写入运行GNU tar的用户可写访问的任意文件。

漏洞公告

Debian已经为此发布了一个安全公告(DSA-1438-1)以及相应补丁:

DSA-1438-1:New tar packages fix several vulnerabilities

链接:

http://www.debian.org/security/2007/dsa-1438

补丁下载:

Source archives:

http://security.debian.org/pool/updates/main/t/tar/tar_1.14.orig.tar.gz

Size/MD5 checksum:1485633 3094544702b1affa32d969f0b6459663

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4.dsc

Size/MD5 checksum:846 cbcbbd7c638de842f913ac566c3f0b0a

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4.diff.gz

Size/MD5 checksum:51869 2675ec9acdf59ba6f0c54e5325675fcf

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_alpha.deb

Size/MD5 checksum: 533650 c5e87a25f7c6efd0e39647249f889ca3

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_amd64.deb

Size/MD5 checksum: 504092 64131456790b8bc4b45e341ce0ca6040

arm architecture (ARM)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_arm.deb

Size/MD5 checksum: 502452 1374822a67eafcd4f385b43479225b7b

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_hppa.deb

Size/MD5 checksum: 517962 f8d1d70a5989d1cab377efdc7c821e24

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_i386.deb

Size/MD5 checksum: 500822 3b1099df9c1df15768f8dc568068e02f

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_ia64.deb

Size/MD5 checksum: 543620 3026d8ed3c4e9203b3af8e7813a7858c

m68k architecture (Motorola Mc680x0)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_m68k.deb

Size/MD5 checksum: 489264 ec8bab9c3860d11e33b4c5ebef3be8e0

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_mips.deb

Size/MD5 checksum: 520658 9211a627bc4bd7859bf8e3c538abf342

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_mipsel.deb

Size/MD5 checksum: 520438 a58746324064e51070a558102a134de3

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_powerpc.deb

Size/MD5 checksum: 507092 bd57425832d21b0a12843d196c2ba4f0

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_s390.deb

Size/MD5 checksum: 512130 cd095e0a66981c279d8d1ede88c67a60

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/t/tar/tar_1.14-2.4_sparc.deb

Size/MD5 checksum: 499878 062c6de1a4b1b5a0ea9da2926f5d80ec

Debian 4.0 (stable)

- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/t/tar/tar_1.16-2etch1.diff.gz

Size/MD5 checksum:31360 96eb9bcd2d8257893a4f530eb00c9da5

http://security.debian.org/pool/updates/main/t/tar/tar_1.16.orig.tar.gz

Size/MD5 checksum:2199571 d971b9d6114ad0527ef89fab0d3167e0

http://security.debian.org/pool/updates/main/t/tar/tar_1.16-2etch1.dsc

Size/MD5 checksum:871 c7d9d75758a04174348cd65bb7aaab16

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/t/tar/tar_1.16-2etch1_alpha.deb

Size/MD5 checksum: 738546 c181b637bb4ed83619c0086bb3d19312

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/t/tar/tar_1.16-2etch1_amd64.

参考网址

来源: US-CERT

名称: TA07-352A

链接:http://www.us-cert.gov/cas/techalerts/TA07-352A.HTML

来源: REDHAT

名称: RHSA-2007:0860

链接:http://www.redhat.com/support/errata/RHSA-2007-0860.HTML

来源: BID

名称: 25417

链接:http://www.securityfocus.com/bid/25417

来源: MISC

链接:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921

来源: FEDORA

名称: FEDORA-2007-2673

链接:https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.HTML

来源: issues.rpath.com

链接:https://issues.rpath.com/browse/RPL-1631

来源: UBUNTU

名称: USN-506-1

链接:http://www.ubuntu.com/usn/usn-506-1

来源: TRUSTIX

名称: 2007-0026

链接:http://www.trustix.org/errata/2007/0026/

来源: SECTRACK

名称: 1018599

链接:http://www.securitytracker.com/id?1018599

来源: BUGTRAQ

名称: 20070827 FLEA-2007-0049-1 tar

链接:http://www.securityfocus.com/archive/1/archive/1/477865/100/0/threaded

来源: BUGTRAQ

名称: 20070825 rPSA-2007-0172-1 tar

链接:http://www.securityfocus.com/archive/1/archive/1/477731/100/0/threaded

来源: SUSE

名称: SUSE-SR:2007:018

链接:http://www.novell.com/linux/security/advisories/2007_18_sr.HTML

来源: MANDRIVA

名称: MDKSA-2007:173

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2007:173

来源: VUPEN

名称: ADV-2007-4238

链接:http://www.frsirt.com/english/advisories/2007/4238

来源: VUPEN

名称: ADV-2007-2958

链接:http://www.frsirt.com/english/advisories/2007/2958

来源: DEBIAN

名称: DSA-1438

链接:http://www.debian.org/security/2007/dsa-1438

来源: support.avaya.com

链接:http://support.avaya.com/elmodocs2/security/ASA-2007-383.htm

来源: GENTOO

名称: GLSA-200709-09

链接:http://security.gentoo.org/glsa/glsa-200709-09.xml

来源: FREEBSD

名称: FreeBSD-SA-07:10

链接:http://security.FreeBSD.org/advisories/FreeBSD-SA-07:10.gtar.asc

来源: SECUNIA

名称: 28255

链接:http://secunia.com/advisories/28255

来源: SECUNIA

名称: 28136

链接:http://secunia.com/advisories/28136

来源: SECUNIA

名称: 27861

链接:http://secunia.com/advisories/27861

来源: SECUNIA

名称: 27453

链接:http://secunia.com/advisories/27453

来源: SECUNIA

名称: 26984

链接:http://secunia.com/advisories/26984

来源: SECUNIA

名称: 26822

链接:http://secunia.com/advisories/26822

来源: SECUNIA

名称: 26781

链接:http://secunia.com/advisories/26781

来源: SECUNIA

名称: 26674

链接:http://secunia.com/advisories/26674

来源: SECUNIA

名称: 26673

链接:http://secunia.com/advisories/26673

来源: SECUNIA

名称: 26655

链接:http://secunia.com/advisories/26655

来源: SECUNIA

名称: 26604

链接:http://secunia.com/advisories/26604

来源: SECUNIA

名称: 26603

链接:http://secunia.com/advisories/26603

来源: SECUNIA

名称: 26590

链接:http://secunia.com/advisories/26590

来源: SECUNIA

名称: 26573

链接:http://secunia.com/advisories/26573

来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple

名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2007-12-17

链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2007/Dec/msg00002.HTML

来源: docs.info.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com

链接:http://docs.info.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/article.HTML?artnum=307179

受影响实体

  • Rpath Rpath_linux:1  

补丁

    暂无

weinxin
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
咨询加Q:999999999
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 安全领域涉猎者-乌云独行地带
获取本源码
售前咨询加Q:120433200
站媒体网仿《知更鸟》模板
获取本源码 zmt6.com
评论:0   参与:  0