GNU Tar "Pointy Feather" Vulnerability Disclosed (CVE-2016-6321)
![GNU](/assets/categories/gnu.webp)
The GNU Pointy Feather vulnerability comes down to a pathname bypass on the Tar extraction process. Regardless of the path-name(s) specified on the command-line, the attack allows for file and directory overwrite attacks using specially crafted tar archives.
The CVE notice explains, "GNU `tar' archiver attempts to avoid path traversal attacks by removing offending parts of the element name at extract. This sanitizing leads to a vulnerability where the attacker can bypass the path name(s) specified on the command line...The discovered vulnerability, described in more detail below, enables file and directory overwrite attacks against the user or system by using a crafted tar archive. The attack requires that the victim or system extract the crafted tar archive prepared by the attacker. Automated systems extracting paths from archives originating from untrusted sources are in particular danger, especially if the extract operation is performed with elevated privileges."
4 Comments