[php-maint] Bug#368545: php-pear: CVE-2006-0931: PEAR::Archive_Tar directory traversal vulnerability
Alec Berryman
alec at thened.net
Mon May 22 22:34:26 UTC 2006
Package: php-pear
Severity: important
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
CVE-2006-0931: "Directory traversal vulnerability in PEAR::Archive_Tar
1.2 allows remote attackers to create and overwrite arbitrary files via
certain crafted pathnames in a TAR archive."
This is PEAR bug 6933 [1] and appears unfixed upstream; the bug is open
and there has not been a new release in 2006. I presume that Debian's
version is affected, but have not tested. Unfortunately, the advisory
[2] does not include steps to reproduce, but rather has a vague link to
a utility to create sample malicious archives.
sarge and woody's php4-pear also contain PEAR::Archive_Tar.
Please include the CVE in your changelog.
Thanks,
Alec
[1] http://pear.php.net/bugs/bug.php?id=6933
[2] http://www.hamid.ir/security/phptar.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEcjxyAud/2YgchcQRAoL8AJ9l4zPHnlbuKk7pO2of3166koYnEACgltp0
pXpzZX1K7xsn2njzqsasPRo=
=ZYKt
-----END PGP SIGNATURE-----
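The CVE quoted in the report describes the classic tar extraction flaw: an archive entry whose name contains `..` components or an absolute path is written outside the extraction directory. The following PHP is an added illustration of the defensive check an extractor needs, and is not Archive_Tar's own code nor the fix applied upstream. All function names (`makeTarHeader`, `listTarEntryNames`, `resolveExtractionPath`, `checkArchive`), the sample entry names and the destination directory `/var/www/uploads` are constructed for the example; the archive is built in memory so nothing touches the filesystem, and PHP 7.1 or later is assumed for the `?string` return type.

```php
<?php
// Added example, not part of the original bug report or of PEAR::Archive_Tar.
// Builds a small tar archive in memory, lists its entry names the way a
// ustar-aware extractor would, and rejects any entry whose resolved path
// would leave the destination directory.

// Constructed helper: one 512-byte ustar-style header (regular file).
function makeTarHeader(string $name, int $size): string
{
    $h  = str_pad($name, 100, "\0");   // name   (offset   0, 100 bytes)
    $h .= "0000644\0";                 // mode   (offset 100,   8 bytes)
    $h .= "0000000\0";                 // uid    (offset 108,   8 bytes)
    $h .= "0000000\0";                 // gid    (offset 116,   8 bytes)
    $h .= sprintf("%011o\0", $size);   // size   (offset 124,  12 bytes, octal)
    $h .= sprintf("%011o\0", 0);       // mtime  (offset 136,  12 bytes, octal)
    $h .= str_repeat(' ', 8);          // chksum (offset 148,   8 bytes) placeholder
    $h .= '0';                         // typeflag (offset 156): regular file
    $h  = str_pad($h, 512, "\0");
    $sum = 0;                          // checksum = sum of all header bytes
    for ($i = 0; $i < 512; $i++) {
        $sum += ord($h[$i]);
    }
    return substr_replace($h, sprintf("%06o\0 ", $sum), 148, 8);
}

// Walk the archive header by header and return the entry names.
function listTarEntryNames(string $tar): array
{
    $names = [];
    $off   = 0;
    while ($off + 512 <= strlen($tar)) {
        $hdr = substr($tar, $off, 512);
        if (trim($hdr, "\0") === '') {          // all-zero block: end of archive
            break;
        }
        $name   = rtrim(substr($hdr, 0, 100), "\0");
        $prefix = rtrim(substr($hdr, 345, 155), "\0");  // ustar prefix field
        if ($prefix !== '') {
            $name = $prefix . '/' . $name;      // prefix is joined in front of name
        }
        $size    = (int) octdec(trim(substr($hdr, 124, 12), "\0 "));
        $names[] = $name;
        $off    += 512 + intdiv($size + 511, 512) * 512;  // skip data blocks
    }
    return $names;
}

// Lexically resolve $entryName under $destDir. Returns the target path, or
// null when the entry is absolute or climbs above $destDir. Purely lexical,
// so it can run before any file is created (a realpath() check after
// extraction would be too late: the file would already have been written).
function resolveExtractionPath(string $destDir, string $entryName): ?string
{
    $entryName = str_replace('\\', '/', $entryName);
    if ($entryName === '' || $entryName[0] === '/'
        || preg_match('/^[A-Za-z]:/', $entryName)) {
        return null;                            // absolute path or drive letter
    }
    $parts = [];
    foreach (explode('/', $entryName) as $part) {
        if ($part === '' || $part === '.') {
            continue;
        }
        if ($part === '..') {
            if (empty($parts)) {
                return null;                    // would escape $destDir
            }
            array_pop($parts);
            continue;
        }
        $parts[] = $part;
    }
    if (empty($parts)) {
        return null;                            // resolves to $destDir itself
    }
    return rtrim($destDir, '/') . '/' . implode('/', $parts);
}

// Map every entry name to its resolved target, or to 'REJECTED'.
function checkArchive(string $tar, string $destDir): array
{
    $report = [];
    foreach (listTarEntryNames($tar) as $name) {
        $report[$name] = resolveExtractionPath($destDir, $name) ?? 'REJECTED';
    }
    return $report;
}

// Constructed sample archive: one benign entry, one '..' entry, one absolute entry.
$tar = makeTarHeader('docs/readme.txt', 5) . str_pad('hello', 512, "\0")
     . makeTarHeader('../escaped.txt', 0)
     . makeTarHeader('/abs.txt', 0)
     . str_repeat("\0", 1024);                  // two zero blocks end the archive
print_r(checkArchive($tar, '/var/www/uploads'));
```

Run with `php example.php`: `docs/readme.txt` resolves to `/var/www/uploads/docs/readme.txt`, while `../escaped.txt` and `/abs.txt` are reported as `REJECTED`. The point of structuring the check this way is that the decision is made from the entry name alone, before the extractor opens any file handle, which is the property an archive library must guarantee if it is to be safe on untrusted input.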