ID de Prueba:	1.3.6.1.4.1.25623.1.0.57660
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2006-42 (tar)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to tar announced via advisory TLSA-2006-42. The program saves many files together into a single tape or disk archive, and can restore individual files from the archive. It includes multivolume support, the ability to archive sparse files, automatic archive compression/decompression, remote archives and special features that allow 'tar' to be used for incremental and full backups. The tar allows attackers to overwrite arbitrary files via a symbolic link attack. This vulnerability may allow attackers to overwrite arbitrary files via a symbolic link attack. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2006-42 Risk factor : Medium CVSS Score: 4.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6097 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 21235 http://www.securityfocus.com/bid/21235 Bugtraq: 20061201 rPSA-2006-0222-1 tar (Google Search) http://www.securityfocus.com/archive/1/453286/100/0/threaded Bugtraq: 20070330 VMSA-2007-0002 VMware ESX security updates (Google Search) http://www.securityfocus.com/archive/1/464268/100/0/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html Debian Security Information: DSA-1223 (Google Search) http://www.debian.org/security/2006/dsa-1223 FreeBSD Security Advisory: FreeBSD-SA-06:26 http://security.freebsd.org/advisories/FreeBSD-SA-06:26.gtar.asc http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050812.html http://security.gentoo.org/glsa/glsa-200612-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:219 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216937 http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.038.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10963 RedHat Security Advisories: RHSA-2006:0749 http://rhn.redhat.com/errata/RHSA-2006-0749.html http://securitytracker.com/id?1017423 http://secunia.com/advisories/23115 http://secunia.com/advisories/23117 http://secunia.com/advisories/23142 http://secunia.com/advisories/23146 http://secunia.com/advisories/23163 http://secunia.com/advisories/23173 http://secunia.com/advisories/23198 http://secunia.com/advisories/23209 http://secunia.com/advisories/23314 http://secunia.com/advisories/23443 http://secunia.com/advisories/23514 http://secunia.com/advisories/23911 http://secunia.com/advisories/24479 http://secunia.com/advisories/24636 SGI Security Advisory: 20061202-01-P ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.469379 http://securityreason.com/securityalert/1918 http://www.trustix.org/errata/2006/0068/ http://www.ubuntu.com/usn/usn-385-1 http://www.vupen.com/english/advisories/2006/4717 http://www.vupen.com/english/advisories/2006/5102 http://www.vupen.com/english/advisories/2007/0930 http://www.vupen.com/english/advisories/2007/1171
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.