Signature Detail

HTTP: GNU Tar PAX Extended Headers Handling Buffer Overflow

This signature detects attempts to exploit a known vulnerability in GNU Tar archive utility. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

GNU Tar is prone to a buffer overflow when handling invalid headers. Successful exploitation could potentially lead to arbitrary code execution, but this has not been confirmed. Tar 1.14 through 1.15.90 are affected; other versions may also be vulnerable.

Affected Products

• Apple Mac OS X 10.4.0
• Apple Mac OS X 10.4.1
• Apple Mac OS X 10.4.2
• Apple Mac OS X 10.4.3
• Apple Mac OS X 10.4.4
• Apple Mac OS X 10.4.5
• Apple Mac OS X 10.4.6
• Apple Mac OS X 10.4.7
• Apple Mac OS X 10.4.8
• Apple Mac OS X 10.4.9
• Apple Mac OS X Server 10.4.0
• Apple Mac OS X Server 10.4.1
• Apple Mac OS X Server 10.4.2
• Apple Mac OS X Server 10.4.3
• Apple Mac OS X Server 10.4.4
• Apple Mac OS X Server 10.4.5
• Apple Mac OS X Server 10.4.6
• Apple Mac OS X Server 10.4.7
• Apple Mac OS X Server 10.4.8
• Apple Mac OS X Server 10.4.9
• Avaya Interactive Response 2.0
• Avaya Interactive Response 3.0
• Avaya S8300 R2.0.0
• Avaya S8300 R2.0.1
• Avaya S8500 R2.0.0
• Avaya S8500 R2.0.1
• Avaya S8700 R2.0.0
• Avaya S8700 R2.0.1
• Avaya S8710 R2.0.0
• Avaya S8710 R2.0.1
• Debian Linux 3.1.0
• Debian Linux 3.1.0 Alpha
• Debian Linux 3.1.0 Amd64
• Debian Linux 3.1.0 Arm
• Debian Linux 3.1.0 Hppa
• Debian Linux 3.1.0 Ia-32
• Debian Linux 3.1.0 Ia-64
• Debian Linux 3.1.0 M68k
• Debian Linux 3.1.0 Mips
• Debian Linux 3.1.0 Mipsel
• Debian Linux 3.1.0 Ppc
• Debian Linux 3.1.0 S/390
• Debian Linux 3.1.0 Sparc
• Gentoo Linux
• GNU tar 1.14
• GNU tar 1.14.90
• GNU tar 1.15
• GNU tar 1.15.1
• GNU tar 1.15.90
• OpenPKG 2.3.0
• OpenPKG 2.4.0
• OpenPKG 2.5.0
• OpenPKG Current
• Red Hat Desktop 4.0.0
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 4
• Red Hat Fedora Core1
• Red Hat Fedora Core2
• Red Hat Fedora Core3
• Red Hat Linux 7.3.0 I386
• Red Hat Linux 9.0.0 I386
• Sun OpenSolaris Build Snv 01
• Sun OpenSolaris Build Snv 02
• Sun OpenSolaris Build Snv 13
• Sun OpenSolaris Build Snv 19
• Sun OpenSolaris Build Snv 22
• Sun OpenSolaris Build Snv 36
• Sun OpenSolaris Build Snv 39
• Sun OpenSolaris Build Snv 59
• Sun OpenSolaris Build Snv 64
• Sun OpenSolaris Build Snv 67
• Sun OpenSolaris Build Snv 68
• Sun OpenSolaris Build Snv 80
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• Sun Solaris 9 Sparc
• Sun Solaris 9 X86
• SuSE Linux Personal 10.0.0 OSS
• SuSE Linux Personal 9.3.0
• SuSE Linux Personal 9.3.0 X86 64
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 9.3.0
• SuSE Linux Professional 9.3.0 X86 64
• Trustix Secure Enterprise Linux 2.0.0
• Trustix Secure Linux 2.2.0
• Trustix Secure Linux 3.0.0
• Ubuntu Ubuntu Linux 5.0.0 4 Amd64
• Ubuntu Ubuntu Linux 5.0.0 4 I386
• Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Amd64
• Ubuntu Ubuntu Linux 5.10.0 I386
• Ubuntu Ubuntu Linux 5.10.0 Powerpc

References

• BugTraq: 16764
• CVE: CVE-2006-0300