Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6097

12 documents10 sources

Severity

4.0MEDIUM

EPSS

10.4%

top 6.77%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

GNU TAR

Timeline

PublishedNov 24

Latest updateMay 3

Description

GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.

CVSS vector

AV:N/AC:H/C:N/I:P/A:PExploitability: 4.9 | Impact: 4.9

Affected Packages2 packages

▶Debiantar< 1.16-2+3

▶NVDgnu/tar1.15.1, 1.16+1

🔴Vulnerability Details

GHSA

GHSA-f4p7-cvff-gr4c: GNU tar 1↗2022-05-03

▶

CVEList

CVE-2006-6097: GNU tar 1↗2006-11-24

▶

OSV

CVE-2006-6097: GNU tar 1↗2006-11-24

▶

💥Exploits & PoCs

Exploit-DB

GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal↗2006-11-21

▶

📋Vendor Advisories

BSD

FreeBSD-SA-06:26.gtar: gtar name mangling symlink vulnerability↗2006-12-06

▶

Ubuntu

tar vulnerability↗2006-11-27

▶

Red Hat

security flaw↗2006-11-21

▶

Debian

CVE-2006-6097: tar - GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attac...↗2006

▶

💬Community

Bugzilla

CVE-2006-6097 security flaw↗2018-08-16

▶

Bugzilla

CVE-2006-6097 GNU tar directory traversal↗2006-12-05

▶

Bugzilla

CVE-2006-6097 GNU tar directory traversal↗2006-11-22

▶