Vulnerability-Lookup

CVE-2007-4476 (GCVE-0-2007-4476)

Vulnerability from cvelistv5 – Published: 2007-09-05 05:00 – Updated: 2024-08-07 14:53

Summary

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://secunia.com/advisories/27331	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/32051	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29968	third-party-advisoryx_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/27681	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/26445	vdb-entryx_refsource_BID
	http://secunia.com/advisories/27453	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.debian.org/security/2008/dsa-1566	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/27514	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.ubuntu.com/usn/usn-709-1	vendor-advisoryx_refsource_UBUNTU
	https://issues.rpath.com/browse/RPL-1861	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-01…	vendor-advisoryx_refsource_REDHAT
	http://www.debian.org/security/2007/dsa-1438	vendor-advisoryx_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/27857	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0629	vdb-entryx_refsource_VUPEN
	http://security.gentoo.org/glsa/glsa-200711-18.xml	vendor-advisoryx_refsource_GENTOO
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/26987	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.vupen.com/english/advisories/2010/0628	vdb-entryx_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2010-01…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/28255	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/33567	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/39008	third-party-advisoryx_refsource_SECUNIA
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/usn-650-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/26674	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=280961	x_refsource_CONFIRM
	http://bugs.gentoo.org/show_bug.cgi?id=196978	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.972Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1021680",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
          },
          {
            "name": "27331",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27331"
          },
          {
            "name": "32051",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32051"
          },
          {
            "name": "29968",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29968"
          },
          {
            "name": "SUSE-SR:2007:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
          },
          {
            "name": "27681",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27681"
          },
          {
            "name": "26445",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26445"
          },
          {
            "name": "27453",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27453"
          },
          {
            "name": "FEDORA-2007-2673",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
          },
          {
            "name": "DSA-1566",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1566"
          },
          {
            "name": "27514",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27514"
          },
          {
            "name": "oval:org.mitre.oval:def:8599",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
          },
          {
            "name": "USN-709-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-709-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1861"
          },
          {
            "name": "RHSA-2010:0144",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
          },
          {
            "name": "DSA-1438",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1438"
          },
          {
            "name": "MDKSA-2007:233",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
          },
          {
            "name": "FEDORA-2007-735",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9336",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
          },
          {
            "name": "27857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27857"
          },
          {
            "name": "ADV-2010-0629",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0629"
          },
          {
            "name": "GLSA-200711-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
          },
          {
            "name": "MDKSA-2007:197",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
          },
          {
            "name": "26987",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26987"
          },
          {
            "name": "oval:org.mitre.oval:def:7114",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
          },
          {
            "name": "SUSE-SR:2007:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
          },
          {
            "name": "ADV-2010-0628",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0628"
          },
          {
            "name": "RHSA-2010:0141",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
          },
          {
            "name": "28255",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28255"
          },
          {
            "name": "33567",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33567"
          },
          {
            "name": "39008",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39008"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "USN-650-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-650-1"
          },
          {
            "name": "26674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26674"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-31T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T16:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1021680",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
        },
        {
          "name": "27331",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27331"
        },
        {
          "name": "32051",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32051"
        },
        {
          "name": "29968",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29968"
        },
        {
          "name": "SUSE-SR:2007:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
        },
        {
          "name": "27681",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27681"
        },
        {
          "name": "26445",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26445"
        },
        {
          "name": "27453",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27453"
        },
        {
          "name": "FEDORA-2007-2673",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
        },
        {
          "name": "DSA-1566",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1566"
        },
        {
          "name": "27514",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27514"
        },
        {
          "name": "oval:org.mitre.oval:def:8599",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
        },
        {
          "name": "USN-709-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-709-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1861"
        },
        {
          "name": "RHSA-2010:0144",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
        },
        {
          "name": "DSA-1438",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1438"
        },
        {
          "name": "MDKSA-2007:233",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
        },
        {
          "name": "FEDORA-2007-735",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9336",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
        },
        {
          "name": "27857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27857"
        },
        {
          "name": "ADV-2010-0629",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0629"
        },
        {
          "name": "GLSA-200711-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
        },
        {
          "name": "MDKSA-2007:197",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
        },
        {
          "name": "26987",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26987"
        },
        {
          "name": "oval:org.mitre.oval:def:7114",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
        },
        {
          "name": "SUSE-SR:2007:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
        },
        {
          "name": "ADV-2010-0628",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0628"
        },
        {
          "name": "RHSA-2010:0141",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
        },
        {
          "name": "28255",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28255"
        },
        {
          "name": "33567",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33567"
        },
        {
          "name": "39008",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39008"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "USN-650-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-650-1"
        },
        {
          "name": "26674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26674"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-4476",
    "datePublished": "2007-09-05T05:00:00.000Z",
    "dateReserved": "2007-08-22T04:00:00.000Z",
    "dateUpdated": "2024-08-07T14:53:55.972Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2007-4476

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

Aliases

CVE-2007-4476

Aliases

CVE-2007-4476

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-4476",
    "description": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\"",
    "id": "GSD-2007-4476",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-4476.html",
      "https://www.debian.org/security/2008/dsa-1566",
      "https://www.debian.org/security/2007/dsa-1438",
      "https://access.redhat.com/errata/RHSA-2010:0144",
      "https://access.redhat.com/errata/RHSA-2010:0141",
      "https://linux.oracle.com/cve/CVE-2007-4476.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-4476"
      ],
      "details": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\"",
      "id": "GSD-2007-4476",
      "modified": "2023-12-13T01:21:36.700555Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-4476",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
            "refsource": "MISC",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "http://secunia.com/advisories/26987",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26987"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_19_sr.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
          },
          {
            "name": "http://secunia.com/advisories/26674",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26674"
          },
          {
            "name": "http://secunia.com/advisories/27453",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27453"
          },
          {
            "name": "http://secunia.com/advisories/28255",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28255"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
          },
          {
            "name": "http://www.debian.org/security/2007/dsa-1438",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2007/dsa-1438"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_18_sr.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
            "refsource": "MISC",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
          },
          {
            "name": "http://bugs.gentoo.org/show_bug.cgi?id=196978",
            "refsource": "MISC",
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
          },
          {
            "name": "http://secunia.com/advisories/27331",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27331"
          },
          {
            "name": "http://secunia.com/advisories/27514",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27514"
          },
          {
            "name": "http://secunia.com/advisories/27681",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27681"
          },
          {
            "name": "http://secunia.com/advisories/27857",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27857"
          },
          {
            "name": "http://secunia.com/advisories/29968",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29968"
          },
          {
            "name": "http://secunia.com/advisories/32051",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32051"
          },
          {
            "name": "http://secunia.com/advisories/33567",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/33567"
          },
          {
            "name": "http://secunia.com/advisories/39008",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/39008"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200711-18.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1566",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1566"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2010-0141.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2010-0144.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/26445",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/26445"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-650-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-650-1"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-709-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-709-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/0628",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/0628"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/0629",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/0629"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1861",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1861"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=280961",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.19",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-4476"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                },
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2007:018",
              "refsource": "SUSE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
            },
            {
              "name": "26674",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26674"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1861",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1861"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=280961",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=196978",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
            },
            {
              "name": "FEDORA-2007-2673",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
            },
            {
              "name": "FEDORA-2007-735",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
            },
            {
              "name": "GLSA-200711-18",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
            },
            {
              "name": "MDKSA-2007:197",
              "refsource": "MANDRIVA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
            },
            {
              "name": "MDKSA-2007:233",
              "refsource": "MANDRIVA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
            },
            {
              "name": "SUSE-SR:2007:019",
              "refsource": "SUSE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
            },
            {
              "name": "26445",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/26445"
            },
            {
              "name": "26987",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26987"
            },
            {
              "name": "27331",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27331"
            },
            {
              "name": "27453",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27453"
            },
            {
              "name": "27514",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27514"
            },
            {
              "name": "27681",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27681"
            },
            {
              "name": "27857",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27857"
            },
            {
              "name": "DSA-1438",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1438"
            },
            {
              "name": "28255",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/28255"
            },
            {
              "name": "DSA-1566",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1566"
            },
            {
              "name": "29968",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/29968"
            },
            {
              "name": "USN-709-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-709-1"
            },
            {
              "name": "33567",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/33567"
            },
            {
              "name": "USN-650-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-650-1"
            },
            {
              "name": "32051",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32051"
            },
            {
              "name": "RHSA-2010:0141",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
            },
            {
              "name": "RHSA-2010:0144",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
            },
            {
              "name": "ADV-2010-0629",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0629"
            },
            {
              "name": "ADV-2010-0628",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0628"
            },
            {
              "name": "39008",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/39008"
            },
            {
              "name": "1021680",
              "refsource": "SUNALERT",
              "tags": [
                "Broken Link"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "name": "oval:org.mitre.oval:def:9336",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
            },
            {
              "name": "oval:org.mitre.oval:def:8599",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
            },
            {
              "name": "oval:org.mitre.oval:def:7114",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2021-05-17T19:55Z",
      "publishedDate": "2007-09-05T01:17Z"
    }
  }
}

CERTA-2007-AVI-391

Vulnerability from certfr_avis - Published: 2007-09-06 - Updated: 2009-12-04

None

Description

Une vulnérabilité a été identifiée dans GNU tar. L'exploitation d'un débordement de mémoire dans la fonction safer_name_suffix() peut compromettre la pile. L'impact est inconnu.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	GNU tar ;
N/A	N/A	OpenSolaris sur x86 de snv_01 à snv_11.
N/A	N/A	Solaris 10 sur SPARC sans le patch 139099-03 ;
N/A	N/A	OpenSolaris sur SPARC de snv_01 à snv_115 ;
N/A	N/A	Solaris 9 sur SPARC ;
N/A	N/A	Solaris 9 sur x86 ;
N/A	N/A	Solaris 10 sur x86 sans le patch 139100-03 ;

References

Title

Publication Time

Tags

Bulletin de sécurité SuSE SUSE-SR:2007:018 du 31 août 2007	None	vendor-advisory
Bulletin de sécurité Gentoo GLSA-200711-18 du 14 novembre 2007 :	-	other
Bulletin de sécurité Debian DSA-1566 du 02 mai 2008 :	-	other
Bulletin de sécurité Mandriva MDVSA-2007:233 du 28 novembre 2007 :	-	other
Bulletin de sécurité Sun 1-66-273551-1 du 02 décembre 2009 :	-	other
Bulletin de sécurité SuSE SUSE-SA:2007:018 du 31 août 2007 :	-	other
Bulletin de sécurité Debian DSA-1438 du 28 décembre 2008 :	-	other
Bulletin de sécurité Ubuntu USN-650-1 du 02 octobre 2008 :	-	other
Bulletin de sécurité SuSE SUSE-SA:2007:019 du 28 septembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "GNU tar ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "OpenSolaris sur x86 de snv_01 \u00e0 snv_11.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 10 sur SPARC sans le patch 139099-03 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "OpenSolaris sur SPARC de snv_01 \u00e0 snv_115 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 9 sur SPARC ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 9 sur x86 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 10 sur x86 sans le patch 139100-03 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans GNU tar. L\u0027exploitation d\u0027un\nd\u00e9bordement de m\u00e9moire dans la fonction safer_name_suffix() peut\ncompromettre la pile. L\u0027impact est inconnu.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4476"
    }
  ],
  "initial_release_date": "2007-09-06T00:00:00",
  "last_revision_date": "2009-12-04T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200711-18 du 14 novembre    2007 :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-18.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1566 du 02 mai 2008 :",
      "url": "http://www.debian.org/security/2008/dsa-1566"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2007:233 du 28 novembre    2007 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007-233"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Sun 1-66-273551-1 du 02 d\u00e9cembre 2009    :",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273551-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:018 du 31 ao\u00fbt 2007    :",
      "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1438 du 28 d\u00e9cembre 2008 :",
      "url": "http://www.debian.org/security/2008/dsa-1438"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-650-1 du 02 octobre 2008 :",
      "url": "http://www.ubuntu.com/usn/usn-650-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:019 du 28 septembre    2007 :",
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    }
  ],
  "reference": "CERTA-2007-AVI-391",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-09-06T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SuSE.",
      "revision_date": "2007-11-07T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Mandriva.",
      "revision_date": "2007-11-30T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Ubuntu, Debian et Gentoo.",
      "revision_date": "2008-10-07T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Sun et des syst\u00e8mes affect\u00e9s.",
      "revision_date": "2009-12-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 dans GNU Tar",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2007:018 du 31 ao\u00fbt 2007",
      "url": null
    }
  ]
}

CERTFR-2015-AVI-431

Vulnerability from certfr_avis - Published: 2015-10-15 - Updated: 2015-10-15

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	QFabric 3100 Director versions 12.x
N/A	N/A	ScreenOS
N/A	N/A	CTPView 7.0R3
Juniper Networks	Junos OS	Juniper Junos OS

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10694 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10700 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10703 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10708 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10705 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10706 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10695 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10699 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10697 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10707 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10702 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10704 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10696 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10701 du 14 octobre 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QFabric 3100 Director versions 12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ScreenOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView 7.0R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2011-2483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
    },
    {
      "name": "CVE-2013-1667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1667"
    },
    {
      "name": "CVE-2012-3417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3417"
    },
    {
      "name": "CVE-2014-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0063"
    },
    {
      "name": "CVE-2015-5600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
    },
    {
      "name": "CVE-2014-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3566"
    },
    {
      "name": "CVE-2014-8867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
    },
    {
      "name": "CVE-2015-1793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1793"
    },
    {
      "name": "CVE-2015-1791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
    },
    {
      "name": "CVE-2009-3490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3490"
    },
    {
      "name": "CVE-2012-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0866"
    },
    {
      "name": "CVE-2010-3433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3433"
    },
    {
      "name": "CVE-2012-5526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5526"
    },
    {
      "name": "CVE-2010-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1447"
    },
    {
      "name": "CVE-2014-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0061"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2007-6067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6067"
    },
    {
      "name": "CVE-2010-0826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0826"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2013-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
    },
    {
      "name": "CVE-2015-1158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2010-4352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4352"
    },
    {
      "name": "CVE-2015-7749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7749"
    },
    {
      "name": "CVE-2011-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1720"
    },
    {
      "name": "CVE-2010-1168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1168"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2014-6450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6450"
    },
    {
      "name": "CVE-2015-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
    },
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2012-2697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2697"
    },
    {
      "name": "CVE-2013-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2566"
    },
    {
      "name": "CVE-2011-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1081"
    },
    {
      "name": "CVE-2009-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
    },
    {
      "name": "CVE-2012-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
    },
    {
      "name": "CVE-2015-5361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5361"
    },
    {
      "name": "CVE-2013-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6435"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
    },
    {
      "name": "CVE-2015-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1788"
    },
    {
      "name": "CVE-2014-6449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6449"
    },
    {
      "name": "CVE-2015-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1792"
    },
    {
      "name": "CVE-2014-6451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6451"
    },
    {
      "name": "CVE-2012-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6329"
    },
    {
      "name": "CVE-2014-4345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4345"
    },
    {
      "name": "CVE-2008-5302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5302"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2013-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
    },
    {
      "name": "CVE-2012-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
    },
    {
      "name": "CVE-2007-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4476"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2015-7752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7752"
    },
    {
      "name": "CVE-2010-0407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0407"
    },
    {
      "name": "CVE-2014-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0064"
    },
    {
      "name": "CVE-2014-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0065"
    },
    {
      "name": "CVE-2007-4772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4772"
    },
    {
      "name": "CVE-2013-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0292"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2008-5303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5303"
    },
    {
      "name": "CVE-2015-1159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
    },
    {
      "name": "CVE-2011-2200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2200"
    },
    {
      "name": "CVE-2015-7748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7748"
    },
    {
      "name": "CVE-2015-7750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7750"
    },
    {
      "name": "CVE-2015-7751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7751"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2008-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3834"
    },
    {
      "name": "CVE-2010-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0624"
    },
    {
      "name": "CVE-2014-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0062"
    },
    {
      "name": "CVE-2011-1025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1025"
    },
    {
      "name": "CVE-2014-6448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6448"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2009-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1185"
    },
    {
      "name": "CVE-2009-4901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4901"
    },
    {
      "name": "CVE-2010-1172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1172"
    },
    {
      "name": "CVE-2010-4530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4530"
    },
    {
      "name": "CVE-2011-1024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1024"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2014-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0060"
    },
    {
      "name": "CVE-1999-0524",
      "url": "https://www.cve.org/CVERecord?id=CVE-1999-0524"
    },
    {
      "name": "CVE-2010-4015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4015"
    },
    {
      "name": "CVE-2011-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
    },
    {
      "name": "CVE-2009-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
    },
    {
      "name": "CVE-2009-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3736"
    },
    {
      "name": "CVE-2015-1790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
    },
    {
      "name": "CVE-2012-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2143"
    },
    {
      "name": "CVE-2014-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0066"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    }
  ],
  "initial_release_date": "2015-10-15T00:00:00",
  "last_revision_date": "2015-10-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2015-AVI-431",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10694 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10700 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10700\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10703 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10703\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10708 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10708\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10705 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10706 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10706\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10695 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10695\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10699 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10699\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10697 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10697\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10707 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10707\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10702 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10702\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10704 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10704\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10696 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10696\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10701 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10701\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GHSA-QC9F-9QMM-9663

Vulnerability from github – Published: 2022-05-01 18:24 – Updated: 2022-05-01 18:24

Details

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-4476"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-09-05T01:17:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\"",
  "id": "GHSA-qc9f-9qmm-9663",
  "modified": "2022-05-01T18:24:00Z",
  "published": "2022-05-01T18:24:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4476"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1861"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26674"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27331"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27453"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27514"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27681"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27857"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28255"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29968"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32051"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33567"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39008"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1438"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1566"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26445"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-650-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-709-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0628"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0629"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-4476

Vulnerability from fkie_nvd - Published: 2007-09-05 01:17 - Updated: 2025-04-09 00:30

Severity ?

Summary

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."

References

URL	Tags
secalert@redhat.com	http://bugs.gentoo.org/show_bug.cgi?id=196978	Third Party Advisory
secalert@redhat.com	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691	Third Party Advisory
secalert@redhat.com	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/26674	Patch, Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/26987	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/27331	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/27453	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/27514	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/27681	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/27857	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/28255	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/29968	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/32051	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/33567	Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/39008	Third Party Advisory
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200711-18.xml	Third Party Advisory
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1	Broken Link
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1438	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1566	Third Party Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:197	Broken Link
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:233	Broken Link
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_18_sr.html	Broken Link
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_19_sr.html	Broken Link
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2010-0141.html	Third Party Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2010-0144.html	Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/26445	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/usn-650-1	Third Party Advisory
secalert@redhat.com	http://www.ubuntu.com/usn/usn-709-1	Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/0628	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/0629	Permissions Required
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=280961	Issue Tracking, Third Party Advisory
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1861	Broken Link
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114	Third Party Advisory
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599	Third Party Advisory
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336	Third Party Advisory
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html	Third Party Advisory
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=196978	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26674	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26987	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27331	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27453	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27514	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27681	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27857	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28255	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29968	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32051	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33567	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/39008	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200711-18.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1438	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1566	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:197	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:233	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_18_sr.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_19_sr.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0141.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0144.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26445	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-650-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-709-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0628	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0629	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=280961	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1861	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html	Third Party Advisory

Impacted products

Vendor	Product	Version
gnu	tar	*
debian	debian_linux	3.1
debian	debian_linux	4.0
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	7.04
canonical	ubuntu_linux	7.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00857445-82BA-4EE6-80AE-BF7F87EEFAC0",
              "versionEndExcluding": "1.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a \"crashing stack.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n safer_name_suffix en GNU tar tienen un vector de ataque sin especificar y un impacto, teniendo como resultado una \"caida de pila\"."
    }
  ],
  "id": "CVE-2007-4476",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-05T01:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27331"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27453"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27514"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27681"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27857"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28255"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/29968"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/32051"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/33567"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/39008"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2007/dsa-1438"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1566"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/26445"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-650-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-709-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0628"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0629"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1861"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=196978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/29968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/32051"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/33567"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/39008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200711-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2007/dsa-1438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:233"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0141.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0144.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/26445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-650-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-709-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=280961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "This issue was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2010-0141.html for tar.  It did not affect the version of tar as shipped with Red Hat Enterprise Linux 3. This issue was also addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-0144.html for cpio.  It did not affect the version of cpio as shipped with Red Hat Enterprise Linux 3 and 4.",
      "lastModified": "2010-03-15T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-4476 (GCVE-0-2007-4476)

GSD-2007-4476

CERTA-2007-AVI-391

Description

Solution

CERTFR-2015-AVI-431

Solution

GHSA-QC9F-9QMM-9663

FKIE_CVE-2007-4476

Tags

Sightings

Nomenclature