Wind River Support Network

HomeDefectsLIN6-12110
Fixed

LIN6-12110 : Security Advisory - tar - CVE-2016-6321

Created: Dec 15, 2016    Updated: Dec 3, 2018
Resolved Date: Jan 4, 2017
Found In Version: 6.0.0.31
Fix Version: 6.0.0.32
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6321

Other Downloads


Live chat
Online