---------------------------------------------------------------------- 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv ---------------------------------------------------------------------- TITLE: Fedora update for tar SECUNIA ADVISORY ID: SA27514 VERIFY ADVISORY: http://secunia.com/advisories/27514/ CRITICAL: Not critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Fedora Core 6 http://secunia.com/product/12487/ DESCRIPTION: Fedora has issued an update for tar. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing specially crafted tar archives and can be exploited to cause a stack-based buffer overflow and crash the vulnerable application. SOLUTION: Apply updated packages. 0fc5ceb49c465c5dc3d2f4b4f1d9c0c87809840e SRPMS/tar-1.15.1-27.fc6.src.rpm 0fc5ceb49c465c5dc3d2f4b4f1d9c0c87809840e noarch/tar-1.15.1-27.fc6.src.rpm dbe7ba8a4d0484cc1d1e6e5a2691827d59a892dd ppc/debug/tar-debuginfo-1.15.1-27.fc6.ppc.rpm 481ac4dbed67bfc0d63e0a0fe231fa90711c7109 ppc/tar-1.15.1-27.fc6.ppc.rpm 2e4cfe41ed3972f049edf32bf12afa11c5df5be6 x86_64/debug/tar-debuginfo-1.15.1-27.fc6.x86_64.rpm a958789d3a682b2e40266414fc61bbb527ebb16f x86_64/tar-1.15.1-27.fc6.x86_64.rpm cdcd04d75f37a5e9ec54c8cee8abf176be1755a8 i386/tar-1.15.1-27.fc6.i386.rpm 010f340db722db162b65082dee12ecb745988744 i386/debug/tar-debuginfo-1.15.1-27.fc6.i386.rpm ORIGINAL ADVISORY: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------