[php-maint] Bug#368545: php-pear: CVE-2006-0931: PEAR::Archive_Tar directory traversal vulnerability

Alec Berryman alec at thened.net
Mon May 22 22:34:26 UTC 2006


Package: php-pear
Severity: important
Tags: security

CVE-2006-0931: "Directory traversal vulnerability in PEAR::Archive_Tar
1.2 allows remote attackers to create and overwrite arbitrary files via
certain crafted pathnames in a TAR archive."

This is PEAR bug 6933 [1] and appears unfixed upstream; the bug is open
and there has not been a new release in 2006.  I presume that Debian's
version is affected, but have not tested.  Unfortunately, the advisory
[2] does not include steps to reproduce, but rather has a vague link to
a utility to create sample malicious archives.

sarge and woody's php4-pear also contain PEAR::Archive_Tar.

Please include the CVE in your changelog.

Thanks,

Alec

[1] http://pear.php.net/bugs/bug.php?id=6933
[2] http://www.hamid.ir/security/phptar.txt

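An added illustration of the pathname check this bug class calls for, written for this page and not taken from Archive_Tar or from the advisory: the sample archive is constructed (a benign file, two entries with traversal-style names, and a symlink pointing above the extraction directory), and the destination directory is an assumed path that need not exist. The check resolves where each entry would actually be written and reports every entry that would land outside the destination.

```python
import io
import os
import tarfile


def build_sample_archive() -> bytes:
    """Constructed sample archive (not from the advisory): one benign file,
    two file entries with traversal-style names and one escaping symlink."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("docs/readme.txt", "../../etc/cron.d/job", "/tmp/owned"):
            info = tarfile.TarInfo(name=name)
            info.size = 1
            tar.addfile(info, io.BytesIO(b"x"))
        link = tarfile.TarInfo(name="docs/link")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../../etc/passwd"
        tar.addfile(link)
    return buf.getvalue()


def _escapes(root: str, path: str) -> bool:
    # Compare resolved paths, so '..' components, absolute names and
    # symlinked directories are all judged by where the write would land.
    return os.path.commonpath([root, os.path.realpath(path)]) != root


def unsafe_members(archive: bytes, dest: str) -> list[str]:
    """Names of entries whose extraction into dest would touch a path outside it.
    Link entries are checked on their link target as well as on their own name."""
    root = os.path.realpath(dest)
    bad = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for m in tar.getmembers():
            target = os.path.join(root, m.name)  # an absolute m.name discards root here
            if _escapes(root, target):
                bad.append(m.name)
            elif m.issym() and _escapes(root, os.path.join(os.path.dirname(target), m.linkname)):
                bad.append(m.name)  # symlink whose target lies above dest
            elif m.islnk() and _escapes(root, os.path.join(root, m.linkname)):
                bad.append(m.name)  # hard link to a file outside dest
    return bad


if __name__ == "__main__":
    # Assumed destination directory; it does not have to exist for the check.
    print(unsafe_members(build_sample_archive(), "/var/www/extract"))
```

An extractor that refuses the whole archive when this list is non-empty, rather than silently skipping entries, gives the clearest signal in logs.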