Wind River Support Network

HomeDefectsLIN9-2734
Fixed

LIN9-2734 : Security Advisory - tar - CVE-2016-6321

Created: Dec 15, 2016    Updated: May 29, 2018
Resolved Date: Apr 10, 2018
Found In Version: unknown
Fix Version: 9.0.0.4
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6321

Other Downloads


CVEs


Live chat
Online