Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4476
to the following vulnerability:
Bug in the safer_name_suffix function in GNU tar may lead to a "crashing
stack". It can be used to crash tar while extracting archive containing file
with long name containing unsafe prefix.
Affected function is also part of cpio source code.
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4476
to the following vulnerability:
Bug in the safer_name_suffix function in GNU tar may lead to a "crashing
stack". It can be used to crash tar while extracting archive containing file
with long name containing unsafe prefix.
Affected function is also part of cpio source code.
References:
http:// www.novell. com/linux/ security/ advisories/ 2007_18_ sr.html lists.gnu. org/archive/ html/bug- cpio/2007- 08/msg00002. html
http://