|Bugzilla:||280961: CVE-2007-4476 tar/cpio stack crashing in safer_name_suffix|
The MITRE CVE dictionary describes this issue as:
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
This issue was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2010-0141.html for tar. It did not affect the version of tar as shipped with Red Hat Enterprise Linux 3. This issue was also addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-0144.html for cpio. It did not affect the version of cpio as shipped with Red Hat Enterprise Linux 3 and 4.
CVSS v2 metrics
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat security errata
|Red Hat Enterprise Linux version 4 (tar)||RHSA-2010:0141||March 15, 2010|
|Red Hat Enterprise Linux version 5 (cpio)||RHSA-2010:0144||March 16, 2010|
|Red Hat Enterprise Linux version 5 (tar)||RHSA-2010:0141||March 15, 2010|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.