DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2007-0222

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2007-0222-1

Published: 2007-10-23

Products

rPath Linux 1

Rating

Minor

Exposure Level Classification

Indirect Deterministic Denial of Service

Updated Versions

cpio=conary.rpath.com@rpl:1/2.6-14.1-1
tar=conary.rpath.com@rpl:1/1.15.1-7.3-1

rPath Issue Tracking System

RPL-1861

References

CVE-2007-4476

Description

Previous versions of the cpio and tar packages are vulnerable to a

Denial of Service attack in which an attacker can use a malformed

archive file to cause a stack-based buffer overflow, crashing the

application. It is not believed that this vulnerability can be

exploited to execute malicious code.

Copyright 2007 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0222"

Categories: Support Issue | Advisories