CVE-2016-6321

Published on: 12/09/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:12 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Certain versions of GNU tar contain the following vulnerability:

Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.
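The description above locates the flaw in safer_name_suffix, the routine that is supposed to sanitize a member's file name before it is used as an extraction path; the upstream fix is the commit listed under CVE References, and Debian, Ubuntu and Gentoo shipped patched packages (DSA-3702, USN-3132-1, GLSA 201611-19). Whatever tar binary is installed, an untrusted archive can be screened before it is handed to tar at all. The following is an added example written for this entry; it is not GNU tar's code and it does not reproduce the CVE-2016-6321 trigger. It walks the archive headers with Python's tarfile module and rejects every member whose name is absolute or carries a '..' component anywhere in the path (not only at the front, which is what a prefix-stripping sanitizer tends to look at), every symlink or hard link whose target resolves outside the extraction root, and every member that would be written through a symlink created by an earlier member. The archive it scans, and the names in it, are constructed inline for the demonstration.

```python
"""Pre-extraction scan of tar member names for path-traversal risk.

Added example for this CVE entry (not GNU tar's code, and not the
CVE-2016-6321 trigger itself). It reads archive headers only.
"""
import io
import posixpath
import tarfile


def is_unsafe_name(name: str) -> bool:
    """True if NAME, used as an extraction path, could leave the
    extraction root: empty, absolute, or with a '..' component anywhere.
    Checking every component matters: a sanitizer that only strips a
    leading '../' prefix accepts 'etc/motd/../../x'."""
    if not name or name.startswith("/"):
        return True
    return ".." in name.split("/")


def link_escapes(member_name: str, target: str, symbolic: bool) -> bool:
    """True if a link target resolves outside the extraction root.
    Symlink targets are relative to the member's own directory; hard
    link targets are archive-relative names."""
    if symbolic:
        resolved = posixpath.normpath(
            posixpath.join(posixpath.dirname(member_name), target))
    else:
        resolved = posixpath.normpath(target)
    return (resolved.startswith("/") or resolved == ".."
            or resolved.startswith("../"))


def symlink_ancestor(name: str, symlinks: set) -> str:
    """Return the first ancestor directory of NAME that an earlier
    member created as a symlink, or '' if there is none."""
    parts = posixpath.normpath(name).split("/")
    for i in range(1, len(parts)):
        ancestor = "/".join(parts[:i])
        if ancestor in symlinks:
            return ancestor
    return ""


def scan_archive(data: bytes) -> list:
    """Return [(member_name, reason), ...] for every member judged unsafe.
    Headers only: nothing is extracted or written to disk."""
    findings = []
    symlinks = set()
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        for m in tf:
            if is_unsafe_name(m.name):
                findings.append((m.name, "name escapes extraction root"))
                continue
            via = symlink_ancestor(m.name, symlinks)
            if via:
                findings.append((m.name, "written through symlink member " + via))
                continue
            if m.issym():
                if link_escapes(m.name, m.linkname, True):
                    findings.append((m.name, "symlink target escapes: " + m.linkname))
                symlinks.add(posixpath.normpath(m.name))
            elif m.islnk() and link_escapes(m.name, m.linkname, False):
                findings.append((m.name, "hard link target escapes: " + m.linkname))
    return findings


def build_sample_archive() -> bytes:
    """Constructed sample, not a real-world capture: one benign member
    plus the patterns the scanner is meant to catch. tarfile writes
    TarInfo.name verbatim, so the crafted names survive the round trip."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add_file(name, payload=b"owned\n"):
            ti = tarfile.TarInfo(name)
            ti.size = len(payload)
            tf.addfile(ti, io.BytesIO(payload))

        def add_link(name, target, symbolic):
            ti = tarfile.TarInfo(name)
            ti.type = tarfile.SYMTYPE if symbolic else tarfile.LNKTYPE
            ti.linkname = target
            tf.addfile(ti)

        add_file("etc/motd")                          # benign
        add_file("../../../../etc/motd")              # leading '..'
        add_file("etc/motd/../../../../etc/motd")     # '..' behind a harmless prefix
        add_file("/etc/motd")                         # absolute
        add_link("lib", "/usr", symbolic=True)        # symlink pointing out of the tree
        add_file("lib/evil")                          # would be written through it
        add_link("hard", "../../secret", symbolic=False)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in scan_archive(build_sample_archive()):
        print(f"REJECT {name!r}: {reason}")
```

Run as a script it lists the six rejected members of the sample and passes the plain etc/motd entry. In a pipeline, treat a non-empty return from scan_archive() as a hard stop before extraction. The scan is safe to run on hostile input because it never extracts anything, but it complements rather than replaces the usual precaution of extracting into an empty, dedicated directory as an unprivileged user with a patched tar.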

  • CVE-2016-6321 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack Vector  Attack Complexity  Privileges Required  User Interaction
NETWORK        LOW                NONE                 NONE

Scope      Confidentiality Impact  Integrity Impact  Availability Impact
UNCHANGED  NONE                    HIGH              NONE

Reading the vector: only Integrity is rated HIGH. The outcome is an arbitrary file write (the crafted member name lands outside the extraction directory), not data disclosure or denial of service. Attack Vector is NETWORK and User Interaction is NONE, but the attacker's input is an archive: exploitation still requires that a user or an automated job extract an attacker-supplied tar file with a vulnerable tar.

CVSS2 Score: 5 - MEDIUM

Access Vector  Access Complexity  Authentication
NETWORK        LOW                NONE

Confidentiality Impact  Integrity Impact  Availability Impact
NONE                    PARTIAL           NONE

CVE References

  • Re: [Bug-tar] possible fixes for CVE-2016-6321 (lists.gnu.org; MLIST [bug-tar] 20161029). Tags: Mailing List, Vendor Advisory
  • Tar: Extract pathname bypass (GLSA 201611-19), Gentoo security (security.gentoo.org; GENTOO GLSA-201611-19)
  • GNU Tar CVE-2016-6321 Security Bypass Vulnerability (cve.report archive; BID 93937). Tags: Third Party Advisory, VDB Entry
  • GNU tar 1.29 Extract Pathname Bypass, Packet Storm (packetstormsecurity.com/files/139370/GNU-tar-1.29-Extract-Pathname-Bypass.html). Tags: Exploit, Third Party Advisory, VDB Entry
  • Full Disclosure: [CSS] POINTYFEATHER / tar extract pathname bypass (CVE-2016-6321) (seclists.org; FULLDISC 20161026). Tags: Mailing List, Third Party Advisory
  • Full Disclosure: [CSS] POINTYFEATHER / tar extract pathname bypass (CVE-2016-6321) - patch update (seclists.org; FULLDISC 20161030). Tags: Mailing List, Patch, Third Party Advisory
  • tar.git - GNU Tar Issue Tracking, upstream commit (git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d). Tags: Patch
  • USN-3132-1: tar vulnerability, Ubuntu (www.ubuntu.com; UBUNTU USN-3132-1)
  • sintonen.fi advisory text (sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt). Tags: Third Party Advisory
  • Debian -- Security Information -- DSA-3702-1 tar (www.debian.org; DEBIAN DSA-3702). Deprecated link

Known Affected Configurations (CPE V2.3)

Type         Vendor  Product  Version  Update  Edition  Language
Application  Gnu     Tar      1.14     All     All      All
Application  Gnu     Tar      1.15     All     All      All
Application  Gnu     Tar      1.15.1   All     All      All
Application  Gnu     Tar      1.15.90  All     All      All
Application  Gnu     Tar      1.15.91  All     All      All
Application  Gnu     Tar      1.16     All     All      All
Application  Gnu     Tar      1.16.1   All     All      All
Application  Gnu     Tar      1.17     All     All      All
Application  Gnu     Tar      1.18     All     All      All
Application  Gnu     Tar      1.19     All     All      All
Application  Gnu     Tar      1.20     All     All      All
Application  Gnu     Tar      1.21     All     All      All
Application  Gnu     Tar      1.22     All     All      All
Application  Gnu     Tar      1.23     All     All      All
Application  Gnu     Tar      1.24     All     All      All
Application  Gnu     Tar      1.25     All     All      All
Application  Gnu     Tar      1.26     All     All      All
Application  Gnu     Tar      1.27     All     All      All
Application  Gnu     Tar      1.27.1   All     All      All
Application  Gnu     Tar      1.28     All     All      All
Application  Gnu     Tar      1.29     All     All      All
  • cpe:2.3:a:gnu:tar:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.15.90:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.15.91:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.24:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.25:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.26:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.27:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.27.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.28:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:tar:1.29:*:*:*:*:*:*:*