7.5

CVE-2007-4476

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuTar Version < 1.19
DebianDebian Linux Version3.1
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version7.04
CanonicalUbuntu Linux Version7.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.9% 0.963
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
Third Party Advisory
http://secunia.com/advisories/26987
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_19_sr.html
Broken Link
http://secunia.com/advisories/27857
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:233
Broken Link
http://secunia.com/advisories/26674
Patch
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_18_sr.html
Broken Link
http://secunia.com/advisories/27453
Third Party Advisory
http://secunia.com/advisories/28255
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1
Broken Link
http://www.debian.org/security/2007/dsa-1438
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html
Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=196978
Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
Third Party Advisory
http://secunia.com/advisories/27331
Third Party Advisory
http://secunia.com/advisories/27514
Third Party Advisory
http://secunia.com/advisories/27681
Third Party Advisory
http://secunia.com/advisories/29968
Third Party Advisory
http://secunia.com/advisories/32051
Third Party Advisory
http://secunia.com/advisories/33567
Third Party Advisory
http://secunia.com/advisories/39008
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200711-18.xml
Third Party Advisory
http://www.debian.org/security/2008/dsa-1566
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:197
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0141.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0144.html
Third Party Advisory
http://www.securityfocus.com/bid/26445
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-650-1
Third Party Advisory
http://www.ubuntu.com/usn/usn-709-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0628
Permissions Required
http://www.vupen.com/english/advisories/2010/0629
Permissions Required
https://bugzilla.redhat.com/show_bug.cgi?id=280961
Third Party Advisory
Issue Tracking
https://issues.rpath.com/browse/RPL-1861
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html
Third Party Advisory