GNU tar 解压路径绕过漏洞(CVE-2016-6321) 分析 - 知道创宇
Tags
| attack-pattern: | Cron - T1053.003 Software - T1592.002 Ssh - T1021.004 Sudo - T1169 |
Common Information
| Type | Value |
|---|---|
| UUID | 0340a6fb-54c0-4326-b94c-ec4834697dee |
| Fingerprint | ae299177889cbe88 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 10, 2016, midnight |
| Added to db | Jan. 18, 2023, 7:34 p.m. |
| Last updated | Nov. 18, 2024, 8:33 a.m. |
| Headline | GNU tar 解压路径绕过漏洞(CVE-2016-6321) 分析 |
| Title | GNU tar 解压路径绕过漏洞(CVE-2016-6321) 分析 - 知道创宇 |
| Detected Hints/Tags/Attributes | 15/1/19 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2016-6321 |
|
| Details | Domain | 2 | sintonen.fi |
|
| Details | Domain | 3 | git.savannah.gnu.org |
|
| Details | Domain | 6 | www.seebug.org |
|
| Details | Domain | 11 | bugs.debian.org |
|
| Details | Domain | 35 | www.gnu.org |
|
| Details | Domain | 1 | cvs.savannah.gnu.org |
|
| Details | File | 1 | tar-poc.tar |
|
| Details | File | 1 | proper.txt |
|
| Details | sha1 | 1 | 7340f67b9860ea0531c1450e5aa261c50f67165d |
|
| Details | Url | 1 | https://sintonen.fi/advisories/tar-poc.tar |
|
| Details | Url | 1 | https://sintonen.fi/advisories/tar-poc.tar下载测试tar包后在提取前重命名 |
|
| Details | Url | 1 | http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d |
|
| Details | Url | 1 | https://www.seebug.org/vuldb/ssvid-92524 |
|
| Details | Url | 1 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842339 |
|
| Details | Url | 1 | https://sintonen.fi/advisories/tar-extract-pathname-bypass.proper.txt |
|
| Details | Url | 1 | https://sintonen.fi/advisories/tar-extract-pathname-bypass.patch |
|
| Details | Url | 1 | https://www.gnu.org/software/tar |
|
| Details | Url | 1 | http://cvs.savannah.gnu.org/viewvc/tar/tar/src/extract.c?view=log&pathrev=release115_1#rev1.47 |