Showing 1 - 3 of 3

CVE-2007-3644

Status Candidate

Overview

archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive.

Related Files

Debian Linux Security Advisory 1455-1: Posted Jan 8, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1455-1 - Several local/remote vulnerabilities have been discovered in libarchive1, a single library to read/write tar, cpio, pax, zip, iso9660, archives.; tags | advisory, remote, local, vulnerability; systems | linux, debian; advisories | CVE-2007-3641, CVE-2007-3644, CVE-2007-3645; SHA-256 | 56da8c419f4cd6a884cc7f100170ca32f5ceef6a0a326701dd9752d610e14883; Download | Favorite | View

Gentoo Linux Security Advisory 200708-3: Posted Aug 9, 2007; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200708-03 - CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow (CVE-2007-3641), an infinite loop (CVE-2007-3644), and a NULL pointer dereference (CVE-2007-3645) within the processing of archives having corrupted PaX extension headers. Versions less than 2.2.4 are affected.; tags | advisory, overflow; systems | linux, gentoo; advisories | CVE-2007-3641, CVE-2007-3644, CVE-2007-3645; SHA-256 | 4f868f9ee2fb9a3722f68545844da74d913fc07b3a39218d59baed3a041695d6; Download | Favorite | View

FreeBSD-SA-07-05.libarchive.txt: Posted Jul 13, 2007; Site security.freebsd.org; FreeBSD Security Advisory - Several problems have been found in the libarchive code used to parse the tar and pax interchange formats. These include entering an infinite loop if an archive prematurely ends within a pax extension header or if certain types of corruption occur in pax extension headers, dereferencing a NULL pointer if an archive prematurely ends within a tar header immediately following a pax extension header or if certain other types of corruption occur in pax extension headers, and miscomputing the length of a buffer resulting in a buffer overflow if yet another type of corruption occurs in a pax extension header.; tags | advisory, overflow; systems | freebsd; advisories | CVE-2007-3641, CVE-2007-3644, CVE-2007-3645; SHA-256 | b38942f713cc47fbfb1b3c24182ba24175fea8220d4abee0c036c12cbc41e014; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2007-3644

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems