CVE-2006-6097 - Vulnerability Details

GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Tar
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:gnu:tar:1.15.1:::::::*
	cpe:2.3:a:gnu:tar:1.16:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
tar-0:1.13.25-6.AS21.1	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2006:0749	2006-12-19T00:00:00Z
Red Hat Enterprise Linux 3
tar-0:1.13.25-15.RHEL3	cpe:/o:redhat:enterprise_linux:3	RHSA-2006:0749	2006-12-19T00:00:00Z
Red Hat Enterprise Linux 4
tar-0:1.14-12.RHEL4	cpe:/o:redhat:enterprise_linux:4	RHSA-2006:0749	2006-12-19T00:00:00Z

References

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
http://docs.info.apple.com/article.html?artnum=305214
http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html
http://rhn.redhat.com/errata/RHSA-2006-0749.html
http://secunia.com/advisories/23115
http://secunia.com/advisories/23117
http://secunia.com/advisories/23142
http://secunia.com/advisories/23146
http://secunia.com/advisories/23163
http://secunia.com/advisories/23173
http://secunia.com/advisories/23198
http://secunia.com/advisories/23209
http://secunia.com/advisories/23314
http://secunia.com/advisories/23443
http://secunia.com/advisories/23514
http://secunia.com/advisories/23911
http://secunia.com/advisories/24479
http://secunia.com/advisories/24636
http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc
http://security.gentoo.org/glsa/glsa-200612-10.xml
http://securityreason.com/securityalert/1918
http://securitytracker.com/id?1017423
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379
http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm
http://www.debian.org/security/2006/dsa-1223
http://www.mandriva.com/security/advisories?name=MDKSA-2006:219
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html
http://www.securityfocus.com/archive/1/453286/100/0/threaded
http://www.securityfocus.com/archive/1/464268/100/0/threaded
http://www.securityfocus.com/bid/21235
http://www.trustix.org/errata/2006/0068/
http://www.ubuntu.com/usn/usn-385-1
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html
http://www.vupen.com/english/advisories/2006/4717
http://www.vupen.com/english/advisories/2006/5102
http://www.vupen.com/english/advisories/2007/0930
http://www.vupen.com/english/advisories/2007/1171
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937
https://issues.rpath.com/browse/RPL-821
https://nvd.nist.gov/vuln/detail/CVE-2006-6097
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963
https://www.cve.org/CVERecord?id=CVE-2006-6097

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-24T18:00:00

Updated: 2024-08-07T20:12:31.768Z

Reserved: 2006-11-24T00:00:00

Link: CVE-2006-6097

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-11-24T18:07:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2006-6097

Redhat

Severity : Moderate

Publid Date: 2006-11-21T00:00:00Z

Links: CVE-2006-6097 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-21T00:00:00", "descriptions": [{"lang": "en", "value": "GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23117", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23117"}, {"name": "oval:org.mitre.oval:def:10963", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-821"}, {"name": "1918", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1918"}, {"name": "TA07-072A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "21235", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21235"}, {"name": "23146", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23146"}, {"name": "20061121 GNU tar directory traversal", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html"}, {"name": "APPLE-SA-2007-03-13", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"name": "23209", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23209"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "ADV-2006-5102", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/5102"}, {"name": "2006-0068", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2006/0068/"}, {"name": "23142", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23142"}, {"name": "23314", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23314"}, {"name": "ADV-2007-1171", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1171"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm"}, {"name": "GLSA-200612-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200612-10.xml"}, {"name": "23198", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23198"}, {"name": "23115", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23115"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"}, {"name": "20061201 rPSA-2006-0222-1 tar", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/453286/100/0/threaded"}, {"name": "23911", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23911"}, {"name": "20061202-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"}, {"name": "USN-385-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-385-1"}, {"name": "20070330 VMSA-2007-0002 VMware ESX security updates", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"}, {"name": "23173", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23173"}, {"name": "RHSA-2006:0749", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2006-0749.html"}, {"name": "FreeBSD-SA-06:26", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc"}, {"name": "1017423", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017423"}, {"name": "24636", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24636"}, {"name": "DSA-1223", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1223"}, {"name": "ADV-2007-0930", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "23443", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23443"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937"}, {"name": "MDKSA-2006:219", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:219"}, {"name": "OpenPKG-SA-2006.038", "tags": ["vendor-advisory", "x_refsource_OPENPKG"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html"}, {"name": "ADV-2006-4717", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4717"}, {"name": "23514", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23514"}, {"name": "SSA:2006-335-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379"}, {"name": "24479", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24479"}, {"name": "23163", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23163"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6097", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23117", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23117"}, {"name": "oval:org.mitre.oval:def:10963", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963"}, {"name": "https://issues.rpath.com/browse/RPL-821", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-821"}, {"name": "1918", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1918"}, {"name": "TA07-072A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "21235", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21235"}, {"name": "23146", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23146"}, {"name": "20061121 GNU tar directory traversal", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html"}, {"name": "http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html", "refsource": "CONFIRM", "url": "http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html"}, {"name": "APPLE-SA-2007-03-13", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"name": "23209", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23209"}, {"name": "http://docs.info.apple.com/article.html?artnum=305214", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "ADV-2006-5102", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/5102"}, {"name": "2006-0068", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2006/0068/"}, {"name": "23142", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23142"}, {"name": "23314", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23314"}, {"name": "ADV-2007-1171", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1171"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm"}, {"name": "GLSA-200612-10", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200612-10.xml"}, {"name": "23198", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23198"}, {"name": "23115", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23115"}, {"name": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"}, {"name": "20061201 rPSA-2006-0222-1 tar", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/453286/100/0/threaded"}, {"name": "23911", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23911"}, {"name": "20061202-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"}, {"name": "USN-385-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-385-1"}, {"name": "20070330 VMSA-2007-0002 VMware ESX security updates", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"}, {"name": "23173", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23173"}, {"name": "RHSA-2006:0749", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2006-0749.html"}, {"name": "FreeBSD-SA-06:26", "refsource": "FREEBSD", "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc"}, {"name": "1017423", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017423"}, {"name": "24636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24636"}, {"name": "DSA-1223", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1223"}, {"name": "ADV-2007-0930", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "23443", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23443"}, {"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937", "refsource": "MISC", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937"}, {"name": "MDKSA-2006:219", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:219"}, {"name": "OpenPKG-SA-2006.038", "refsource": "OPENPKG", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html"}, {"name": "ADV-2006-4717", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4717"}, {"name": "23514", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23514"}, {"name": "SSA:2006-335-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379"}, {"name": "24479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24479"}, {"name": "23163", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23163"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:12:31.768Z"}, "title": "CVE Program Container", "references": [{"name": "23117", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23117"}, {"name": "oval:org.mitre.oval:def:10963", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-821"}, {"name": "1918", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1918"}, {"name": "TA07-072A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "21235", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21235"}, {"name": "23146", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23146"}, {"name": "20061121 GNU tar directory traversal", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html"}, {"name": "APPLE-SA-2007-03-13", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"name": "23209", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23209"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "ADV-2006-5102", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/5102"}, {"name": "2006-0068", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2006/0068/"}, {"name": "23142", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23142"}, {"name": "23314", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23314"}, {"name": "ADV-2007-1171", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1171"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm"}, {"name": "GLSA-200612-10", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200612-10.xml"}, {"name": "23198", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23198"}, {"name": "23115", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23115"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"}, {"name": "20061201 rPSA-2006-0222-1 tar", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/453286/100/0/threaded"}, {"name": "23911", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23911"}, {"name": "20061202-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"}, {"name": "USN-385-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-385-1"}, {"name": "20070330 VMSA-2007-0002 VMware ESX security updates", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"}, {"name": "23173", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23173"}, {"name": "RHSA-2006:0749", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2006-0749.html"}, {"name": "FreeBSD-SA-06:26", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc"}, {"name": "1017423", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017423"}, {"name": "24636", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24636"}, {"name": "DSA-1223", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1223"}, {"name": "ADV-2007-0930", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "23443", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23443"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937"}, {"name": "MDKSA-2006:219", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:219"}, {"name": "OpenPKG-SA-2006.038", "tags": ["vendor-advisory", "x_refsource_OPENPKG", "x_transferred"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html"}, {"name": "ADV-2006-4717", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4717"}, {"name": "23514", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23514"}, {"name": "SSA:2006-335-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379"}, {"name": "24479", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24479"}, {"name": "23163", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23163"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6097", "datePublished": "2006-11-24T18:00:00", "dateReserved": "2006-11-24T00:00:00", "dateUpdated": "2024-08-07T20:12:31.768Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8B4A20D-AAD0-4857-AC0F-D221EBB08BFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*", "matchCriteriaId": "7B6D83BA-6C85-43F3-87FD-A77CC6F1D21A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216."}, {"lang": "es", "value": "GNU tar 1.16 y 1.15.1, y posiblemente otras versiones, permiten a un atacante con la intervenci\u00f3n del usuario sobreescribir ficheros de su elecci\u00f3n a trav\u00e9s del fichero tar que contiene un registro GNUTYPE_NAMES con un enlace simb\u00f3lico, lo cual no se maneja de forma adecuada por la funci\u00f3n extract_archive en extract.c y la funci\u00f3n extract_mangle en mangle.c, un variante de CVE-2002-1216."}], "id": "CVE-2006-6097", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-11-24T18:07:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"}, {"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"source": "cve@mitre.org", "url": "http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2006-0749.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23115"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23117"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23142"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23146"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23163"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23173"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23198"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23209"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23314"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23443"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23514"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23911"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24479"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24636"}, {"source": "cve@mitre.org", "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200612-10.xml"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1918"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017423"}, {"source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1223"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:219"}, {"source": "cve@mitre.org", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/453286/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/21235"}, {"source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2006/0068/"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-385-1"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"source": "cve@mitre.org", "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4717"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/5102"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1171"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937"}, {"source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-821"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://kb.vmware.com/KanisaPlatform/Publishing/817/2240267_f.SAL_Public.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2006-0749.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23115"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23117"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23142"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23146"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23163"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23173"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23198"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23209"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23314"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23443"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23514"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23911"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24479"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24636"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200612-10.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/1918"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017423"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-015.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1223"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:219"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/453286/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/21235"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0068/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-385-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4717"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/5102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-821"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2006:0749", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "tar-0:1.13.25-6.AS21.1", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2006-12-19T00:00:00Z"}, {"advisory": "RHSA-2006:0749", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "tar-0:1.13.25-15.RHEL3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2006-12-19T00:00:00Z"}, {"advisory": "RHSA-2006:0749", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "tar-0:1.14-12.RHEL4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2006-12-19T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1618237", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618237"}, "csaw": false, "details": ["GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216."], "name": "CVE-2006-6097", "public_date": "2006-11-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2006-6097\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-6097"], "statement": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "threat_severity": "Moderate"}

Metrics

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object